IT Security Engineer – SOC

Security Operations Engineer – (SOC)

Contract: 1 year
Mainly Remote
Overview:
Our client is seeking a Technical Security Operations Engineer to strengthen our cybersecurity team. This role focuses on monitoring, detecting, and responding to security incidents using tools like Symantec, Microsoft Sentinel, QRadar, and Qualys, ensuring the protection of our IT infrastructure and sensitive data.
Key Responsibilities:

• Monitor and analyse security alerts with Symantec Endpoint Protection, Microsoft Sentinel, QRadar, and Qualys.
• Detect, investigate, and respond to security incidents promptly.
• Perform threat hunting, develop detection rules, and reduce false positives.
• Conduct in-depth security investigations and recommend corrective actions.
• Collaborate with IT and security teams to mitigate risks and enhance security.
• Stay updated on emerging threats and optimise security tools for effective detection.
• Document and implement incident response playbooks for identified threats.
• Assist in vulnerability management, ensuring timely patching.

Required Skills and Qualifications:

• 5+ years in SOC or cybersecurity roles.
• Hands-on experience with Symantec, Microsoft Sentinel, QRadar, and Qualys.
• Strong proficiency with SIEM tools.
• Solid understanding of network security, IDS/IPS systems, and TCP/IP protocols.
• Experience in incident response and managing complex security incidents.
• Knowledge in malware analysis, vulnerability assessments, and forensics.
• Proficiency in scripting for automation.
• Strong analytical and problem-solving skills.

Certifications:

• CISSP, CEH, or equivalent certifications are advantageous.
• Ability to work independently and in a collaborative, fast-paced environment.