Sr Engineer - Global Information Security

The Senior Engineer SOC Operations is responsible for overseeing the daily operations of the Security Operations Center (SOC). This role involves managing a team of security analysts, ensuring timely detection and response to security incidents, and maintaining the security posture of the organization. The Assistant Manager will work closely with IT, compliance, and business units to safeguard information assets and support continuous improvement in security practices.

Key Responsibilities:

1. SOC Management and Supervision:

Oversee the day-to-day operations of the SOC, ensuring effective monitoring, detection, and response to security incidents.

Possess in-depth technical knowledge of various security controls, including the ability to craft Security Information and Event Management (SIEM) queries, understand Data Loss Prevention (DLP), Cloud Access Security Broker (CASB), Endpoint Detection and Response (EDR)/Endpoint Protection Platform (EPP), Web Application Firewall (WAF), Firewalls (FW), and conduct Network Traffic Analysis.

Investigate alerts to reduce false positives, thereby minimizing unnecessary workload and provide well-analysed whitelist suggestions based on security best practices.

2. Incident Response:

Investigate the alert within the defined SLA and conclude, whether this needs to be escalated to SOC manager.

Coordinate and lead the response to security incidents, ensuring proper documentation, communication, and remediation.

Conduct post-incident analysis to identify root causes and recommend preventive measures.

Ensure compliance with incident response protocols and regulatory requirements.

Maintain Security Operations Center (SOC) metrics, including Mean Time to Detect (MTTD), Mean Time to Respond (MTTR), and Mean Time to Contain (MTTC), to measure and improve incident response times.

3. Security Monitoring and Reporting:

Ensure timely follow-ups and closure of incidents pending for more than seven days to maintain operational efficiency.

Ensure continuous monitoring of security alerts and events through SIEM (Security Information and Event Management) and other monitoring tools.

Develop and maintain security metrics and dashboards to provide visibility into SOC performance and security posture.

Prepare and present regular reports on security incidents, trends, and SOC activities to senior management.

Stay current with emerging security trends, threats, and technologies to ensure the SOC remains effective.

Qualifications and Skills:

Education and Experience:

Bachelor s degree in Computer Science, Information Technology, Cybersecurity, or a related field.

2-3 years of experience in cybersecurity, with at least 2 years in a SOC environment.

Technical Skills:

Proficiency in security monitoring tools and technologies, such as SIEM, IDS/IPS, EDR, and threat intelligence platforms.

Strong understanding of network protocols, firewalls, VPNs, and other security technologies.

Knowledge of common attack vectors, threat actors, and incident response methodologies.

Certifications:

Relevant industry certifications such as CEH, Security +.

Soft Skills:

Excellent leadership and team management skills.

Strong analytical and problem-solving abilities.

Effective communication skills, both written and verbal.

Ability to work under pressure and manage multiple priorities.

Working Conditions:

This role typically operates in an office environment with 24x7 working hours.

May require availability for on-call support and response to security incidents outside regular business hours.

Some travel may be required for training, conferences, or collaboration with other offices.