Job Description
- Manage and optimize the performance of the SIEM and XDR solutions (Wazuh) to ensure effective security monitoring and incident detection.
- Expertise in threat intelligence analysis, including the ability to identify, assess, and prioritize emerging threats to the organization.
- Monitor and analyze trends, security logs, and alerts from Threat Prevention, firewalls, network appliances, Linux servers, Advanced Web Application Firewalls, DDoS, API attacks, identity management, etc. to identify and mitigate security incidents.
- Understand and analyze Palo Alto Networks Threat Detection capabilities to identify and respond to advanced threats.
- Develop and maintain custom Yara rules for malware detection, leveraging Red Hat Insights and Bitdefender EDR for comprehensive malware protection.
- Configure and maintain Security Onion for network traffic analysis, threat hunting, and incident response.
- Integrate Dynatrace AppSec RAV and RAP to provide application-level security monitoring and vulnerability detection.
- Manage and optimize Tenable Nessus for comprehensive vulnerability assessment and remediation.
- Understand Cisco ESA and GTB DLP solutions to monitor data loss prevention (DLP) controls.
- Enhance the usage of Syslog for centralized log management and UEBA for user and entity behavior analysis.
- Utilize threat intelligence from various sources to proactively ingest, identify, analyze, and prioritize emerging threats, reducing the risk of successful cyberattacks.
- Implement and maintain SOAR (Security Orchestration, Automation, and Response) capabilities to streamline incident response and security automation.
- Ensure the organization's security posture aligns with the CIS Benchmark and other industry best practices.
- Provide technical leadership and mentorship to the security operations team, sharing knowledge and best practices.
- Collaborate with cross-functional teams to continuously improve the organization's overall security posture.
- Participate in regular security reviews, incident response, and continuous improvement initiatives.
- Strong automation skills, including the development of scripts and tools to automate repetitive tasks and enhance SOC workflow.
We are looking for
Education: Bachelor's in Cyber Security
Experience: 3 - 6 Years
Skills
- Strong hands-on skills in implementing and using Security Information and Event Management (SIEM) tools, log analysis, creation of basic correlation rules, and administration of SIEM.
- Knowledge of Kali Linux, IDS / IPS, firewall, threat intelligence platforms, threat hunting, SOAR, automation, and other security products.
- Proactive, self-managed, and able to interface well with technical teams across the organization.
- Any of the following certifications will be a plus point:
a. Certified Information Systems Security Professional (CISSP)
b. Certified Ethical Hacker (CEH)
c. CompTIA Security+
d. Certified Information Systems Auditor (CISA)
e. Certified Information Security Manager (CISM)
Other Skills:
- Web Application Firewall
- SIEM and XDR
- Firewall and Network Security
- Threat detection (IDS / IPS)
- Infrastructure DDoS protection
- Center for Internet Security (CIS) benchmark
- Malware detection
- Endpoint Detection and Response (EDR)
- Vulnerability Assessment and Management
- Identity and Access Management (IAM)
- Data Loss Prevention (DLP)
- Network Access Control (NAC)
- Anti-virus and Anti-malware
- Syslog
- Layer 7 DDoS protection
- User and Entity Behavior Analytics (UEBA)
- Network Traffic Analysis
- Threat intelligence platform
- Incident response platforms
- Security Orchestration, Automation, and Response (SOAR)
- Phishing Simulation and Awareness
- Endpoint security
- Log management
- Sliver C2 (Command and Control) server
- CTEM (XM Cyber)
- Kali Linux