Senior SOC Engineer

Full Time @Starlink in Computer, Software & IT
  • Post Date: February 23, 2026

About the job

We are looking for a highly skilled Senior SOC Engineer to lead security monitoring, incident response, detection engineering, and vulnerability management initiatives. This role requires strong hands-on expertise in SIEM/XDR, threat hunting, and risk-based vulnerability management.

Key Responsibilities

Security Monitoring & Incident Response

  • Lead security incident investigations and provide technical expertise
  • Perform real-time monitoring across SIEM, XDR, NDR, OT & cloud platforms
  • Conduct root cause analysis (RCA) and document lessons learned
  • Coordinate containment, eradication & recovery activities
  • Ensure SLA & KPI adherence

Detection Engineering & Use Case Management

  • Develop and tune SIEM/XDR correlation rules aligned with MITRE ATT&CK
  • Reduce false positives & enhance detection coverage
  • Implement advanced use cases (ransomware, insider threats, APTs, data exfiltration)
  • Log source onboarding, parser development & normalization
  • Optimize alert thresholds and detection logic

Vulnerability Management

  • Lead end-to-end vulnerability lifecycle (discovery → remediation validation)
  • Risk-based prioritization using CVSS, asset criticality & business impact
  • Correlate vulnerabilities with threat intelligence
  • Validate remediation via rescans & penetration testing support
  • Develop executive dashboards & risk exposure reports

Threat Hunting & Intelligence

  • Conduct proactive hypothesis-driven threat hunting
  • Integrate threat intelligence feeds into SIEM/XDR
  • Track emerging TTPs and refine detection strategies
  • Support adversary simulation exercises

Reporting & Stakeholder Management

  • Vulnerability tracking & SLA breach reporting
  • Monthly risk & trend analysis
  • Patch compliance & remediation validation reporting
  • Audit & compliance documentation support

Education

Bachelor’s degree in Cybersecurity, Information Security, Computer Science, or related field

📜 Mandatory Certification (Any One Required)

  • Tenable Certified Nessus Professional (TCNP)
  • Tenable Certified Security Center (TCSC)
  • Qualys Certified Specialist – VMDR
  • Qualys Certified Specialist – Web Application Scanning (WAS)

Preferred Certifications

  • CEH
  • Microsoft Certified: Security Operations Analyst (SC-200)
  • OSCP

💡 Required Skillset

  • Hands-on SIEM, XDR/EDR, NDR, SOAR & cloud security monitoring
  • Strong understanding of MITRE ATT&CK & threat hunting
  • Full vulnerability lifecycle management expertise
  • SOC use case tuning & automation
  • Knowledge of ISO 27001, NIST CSF frameworks
  • Experience with Tenable, Qualys, Rapid7, Acunetix, Burp Suite
  • Basic scripting (PowerShell / Python / KQL / SPL)
  • Strong reporting & stakeholder communication skills
