SOC Engineer

This is a full-time on-site role for a SOC Engineer at Briskinfosec. You will be responsible for day-to-day tasks related to security operations, incident response, and maintaining the security infrastructure. The role involves actively monitoring security events, analyzing threats, and responding to incidents promptly to safeguard our clients systems.

This is a full-time on-site role for a SOC Engineer at Briskinfosec. You will be responsible for day-to-day tasks related to security operations, incident response, and maintaining the security infrastructure. The role involves actively monitoring security events, analyzing threats, and responding to incidents promptly to safeguard our clients systems.

• Monitor Security Events: Continuously monitor security alerts and logs from various security tools (SIEM, IDS/IPS, firewalls, endpoint protection) to detect and respond to potential threats.
• Incident Detection and Response: Investigate and analyze security incidents, performing initial triage, and escalating incidents when necessary. Ensure prompt and effective containment, eradication, and recovery actions.
• Threat Hunting: Proactively search for signs of potential threats, vulnerabilities, and compromise within the organization s network and systems.
• Incident Documentation and Reporting: Maintain detailed records of security incidents and generate reports on findings, actions taken, and recommendations for improving security.
• Collaboration and Coordination: Work closely with other IT security teams, system administrators, and management to improve security strategies, mitigate risks, and enhance overall security awareness across the organization.
• Security Tool Management: Assist in the configuration, tuning, and management of security tools (SIEM, endpoint detection, network monitoring tools, etc.) to improve detection capabilities and minimize false positives.
• Vulnerability Management: Identify and help remediate vulnerabilities in systems and applications. Participate in patch management and configuration assessments.
• Incident Playbook Creation: Develop, test, and update incident response playbooks to ensure efficiency during security incidents and continuous improvement.
• Security Awareness and Best Practices: Provide guidance on security best practices to internal teams, fostering a security-first mindset across the organization.
• Continuous Improvement: Stay current with the latest cyber threats, attack vectors, and security technologies. Continuously refine detection, response, and mitigation procedures.
• Windows and Linux Systems: Maintain familiarity with Windows Servers and Linux systems, particularly in cloud environments, to support security monitoring and troubleshooting.

• Experience in Security Operations Center (SOC) monitoring and incident response
• Knowledge of security tools and technologies, such as SIEM, IDS/IPS, and endpoint security
• Understanding of network protocols, firewalls, and intrusion detection systems
• Experience with threat intelligence and vulnerability management
• Strong analytical and problem-solving skills
• Certifications like CEH, CompTIA Security+, or CISSP are a plus
• Bachelors degree in Computer Science, Information Technology, or a related field

Bachelors degree in Computer Science, Information Technology, or a related field