SOC Engineer

4-6 years of experience in SOC operations or security engineering. Hands-on experience with SIEM and EDR tools (e.g., Splunk, Microsoft Sentinel, QRadar, CrowdStrike). Hands-on experience of cloud security principles and services across Azure, GCP and AWS. Familiarity with vulnerability management tools and processes for cloud infrastructure. Understanding of network protocols, system administration (Linux/Windows), and incident response. Knowledge of various operating system flavors including Windows, MacOS, Linux.

Work in a 24x7 Security Operation Centre (SOC) environment. Perform root cause analysis for preventative investigation. Provide threat and vulnerability analysis and security advisory services. Notify SMEs about vulnerabilities, remediation, and follow up on closure within SLA. Administer SIEM environment (deployment, user management, upgrades, log sources, parsing rules, change management, reporting, backup/recovery). Investigate, triage, remediate, and find RCA for compromised accounts, email threats, and abuse reports. Investigate, document, and report on information security issues and emerging trends. Contribute to the development and delivery of written and visual documents.