SOC Engineer

Division

Technical

Location

Baghdad – Horizon Main HQ

Closing Date

10/03/2026

Responsibilities

 

  • SIEM Engineering & Management: Design, develop, and maintain SIEM dashboards, alerts, and reports. Handle data onboarding, CIM mapping, and optimization of the SIEM environment to ensure accurate detection.
  • ICT Project Collaboration: Act as the security subject matter expert (SME) in ICT projects, ensuring “security by design” is integrated into every project milestone.
  • Incident Response: Monitor security events, investigate suspicious activity, and participate in the technical response to security incidents, ensuring thorough documentation and post-incident reviews.
  • SOAR & Automation Orchestration: Develop and maintain automated playbooks (e.g., SOAR) to streamline repetitive tasks, reducing Mean Time to Respond (MTTR) and improving operational efficiency.
  • Detection Engineering: Continuously tune SIEM correlation rules and logic to reduce false positives and improve visibility into the MITRE ATT&CK framework.
  • Proactive Threat Hunting: Conduct regular, intel-driven threat hunting exercises within the SIEM environment to uncover stealthy indicators of compromise (IoCs) that standard alerting might miss.
  • Customer Engagement & SOCaaS Evolution: Partner directly with customers to understand their unique security needs and participate in our SOCaaS offering by scaling service capabilities, improving multi-tenant architectures, and enhancing the overall value of the managed service.

Qualifications

    • 4+ years of experience in Information Security.
    • 2+ years of experience in ICT project delivery.
    • Hands-on experience with Splunk Enterprise (Search Processing Language (SPL), data onboarding, and CIM mapping).
    • Strong understanding of networking protocols (TCP/IP, DNS, VPNs) and endpoint security (EDR/AV).

    Preferred Certificates:

    • Splunk Core Certified Advanced Power User, Splunk Enterprise Security Admin, NSE4-7

Apply here or you can send your CV to jobs@horizonscope.com with the subject line "SOC Engineer"