Vaco Binary Semantics - Security Operations Center Analyst - Endpoint Detection & Response (8-10 yrs)

Job Title : SOC Engineer.

Location : Remote.

Employment Type : Full-Time.

Shift Timing : Night Shift (7:30 Pm-4:30 Am).

About the Role :

We are seeking a skilled and proactive SOC (Security Operations Center) Engineer to join our cybersecurity team.

In this role, you will be responsible for monitoring, detecting, and responding to cyber threats, ensuring the security of our network and systems.

As a SOC Engineer, you will work closely with our IT and security teams to manage, optimize, and secure the organization's security infrastructure, with a strong focus on Endpoint Detection and Response (EDR).

Key Responsibilities :

Threat Monitoring and Analysis :

- Continuously monitor security alerts and events across networks, servers, applications, and endpoints using EDR and SIEM tools.

- Analyze and triage potential security incidents to determine their severity and potential impact.

- Respond to and escalate security incidents, documenting actions and findings.

Endpoint Detection and Response (EDR) :

- Implement, manage, and optimize EDR solutions to monitor and protect endpoints across the organization.

- Conduct proactive threat hunting and investigation within endpoints, utilizing EDR telemetry and behavioral analytics.

- Collaborate with the incident response team to perform endpoint containment, eradication, and recovery actions as necessary.

- Generate actionable insights from EDR data to strengthen overall endpoint security.

Incident Response :

- Lead the investigation and response to security incidents, including containment, eradication, and recovery.

- Collaborate with the Incident Response team to mitigate risks and analyze root causes.

Vulnerability Management :

- Identify and assess vulnerabilities in the network, systems, applications, and endpoints.

- Work with relevant teams to apply patches and recommend security enhancements.

Security Tools Management :

- Manage and optimize SIEM (Security Information and Event Management) tools and other security monitoring solutions.

- Configure, maintain, and update SOC tools, including firewalls, IDS/IPS, endpoint protection, and EDR platforms.

Reporting and Documentation :

- Create detailed incident reports and contribute to documentation of SOC processes and procedures.

- Provide regular security metrics and reports to management.

Collaboration and Improvement :

- Work closely with IT, network, and application teams to ensure a cohesive security strategy.

- Stay up-to-date on the latest cybersecurity trends, threats, and technologies, and recommend improvements to the SOC's capabilities.

Qualifications :

- Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience).

- 8+ years of experience in cybersecurity, SOC, or a related role.

- Strong knowledge of SIEM tools (e.g, Splunk, QRadar), firewalls, IDS/IPS, endpoint protection, and EDR solutions (e.g, CrowdStrike, Carbon Black, SentinelOne).

- Familiarity with security frameworks (e.g, NIST, ISO 27001) and incident response best practices.

- Proficiency in analyzing network protocols, logs, and security events, especially from EDR sources.

- Relevant certifications (e.g, CEH, CompTIA Security+, CISSP) are a plus.

Key Skills :

- Excellent analytical and problem-solving skills.

- Strong attention to detail and ability to work under pressure in a fast-paced environment.

- Effective communication skills and ability to work in a team-oriented setting.