As a Senior SOC Engineer, you are expected to bring several years' experience in the cybersecurity or technical consulting industry to bear on your casework. You will manage both multi-tenant and dedicated SIEM environments for customers, including onboarding and the day-to-day operation of the SIEM and related activities. You will work directly with customers to gather requirements so that the SIEM continues to meet customer needs and expectations.
- Manage daily operations for multi-tenant and dedicated SIEM instances
- Develop runbooks and workflows for customer reporting, alerts and response procedures
- Ensure SIEM environments are running optimally and meeting SLA expectations
- Produce high quality oral and written work product, presenting complex technical matters clearly and concisely.
- Interface with other engineers to integrate security technologies and tools into the SIEM for log analysis and correlation
- Participate in the on-call rotation to action customer requests during after-hours support
- Maintain proficiency with industry standard tools and practices.
- Maintain a high level of professionalism in all areas of performance.
- Strong work ethic and motivation, with a demonstrated history of managing medium-to-large SIEM deployments, and even stronger analytic, quantitative, and creative problem-solving abilities.
- Experience with performing cyber hunting and incident investigations through SIEM tools and related technologies
- Ability to anticipate and respond to changing priorities and operate effectively in a dynamic, demand-based environment, requiring flexibility and responsiveness to client matters and needs.
- Strong verbal and written communication skills.
- Must be able to work collaboratively across teams
- A high level of professionalism in all areas of performance.
- Comfort with intermittent periods of travel, evening and weekend hours.
- Established experience with the most common operating systems and their file systems.
- Proficiency with leading SIEM technologies
- Experience with cloud infrastructures for the enterprise, such as Amazon Web Services, G Suite, Office 365, and Azure.
- Experience with conducting log analysis of SIEMs
- Experience with incident investigations.
- Well-developed analytic, qualitative, and quantitative reasoning skills and demonstrated creative problem-solving abilities.