Security Engineer II (SOC)

We are looking for a highly skilled and motivated Security Engineer to join our dynamic team. In this role, you will be responsible for managing security incidents, identifying vulnerabilities, and implementing strategies to mitigate risks across our organization’s infrastructure. If you have a proven track record in incident response, vulnerability management, and enhancing overall security posture, we would love to hear from you.  

Responsibilities and Deliverables: 

• Incident Response: Monitor and analyze security event logs and alerts to detect potential incidents, and lead investigations for containment, eradication, and recovery. 
• Root Cause Analysis: Perform in-depth analysis of sophisticated security incidents and targeted attacks across systems, networks, and code to identify root causes and prevent recurrence. 
• Security Automation: Enhance detection and response capabilities through automation, including fine-tuning alerts to reduce false positives and automating responses to repetitive incidents. 
• Playbook Creation: Develop and maintain incident response playbooks for distinct types of security incidents, ensuring they align with current threats. 
• Security Event Enrichment: Leverage IOCs, threat intelligence, and other data sources to enrich security events, improving detection accuracy and reducing incident response time. 
• Collaboration: Work with security stakeholders and cross-functional teams to coordinate incident response efforts and improve overall security initiatives. 
• Threat Hunting: Conduct proactive threat hunting to identify potential malicious activities and mitigate emerging risks before they escalate. 
• Vulnerability Management: Identify, assess, and prioritize vulnerabilities across systems, applications, and networks, and ensure effective remediation strategies. 
• Vulnerability Scanning & Testing: Regularly conduct vulnerability scans, penetration tests, and risk assessments to uncover weaknesses in the security posture. 
• Patch Management: Collaborate with IT and development teams to ensure timely patching and remediation of vulnerabilities. 

Required Experience & Education:

• Education: Bachelors/Master's degree in computer science, Information Technology, Cybersecurity, or a related field. 
• Experience: A minimum of 3 years of experience in a Security Operations Center (SOC) environment. 
• Certifications: Relevant certifications such GCIA, GCIH, AWS Security Specialist or any other certification that is in the field of Security Operations or Incident Response 
• Coding Skills: Proficient in coding languages like Python or Go 
• Technical Skills: Hands-on experience with security tools and technologies such as SIEMs, Endpoint Detection and Response (EDR), Web Application Firewalls (WAFs), Intrusion Detection Systems (IDS), and vulnerability scanners. 
• Hands-on Experience: Proficient in the incident response process, including identification, containment, remediation, and recovery. 
• Cloud Experience: Experience with cloud security services, preferably in AWS or Azure environments. 
• Analytical Skills: Strong analytical and problem-solving skills with a detail-oriented approach to security challenges. 
• Soft Skills: Excellent verbal and written communication skills, capable of conveying complex security concepts to non-technical stakeholders.