The Senior SOC Security Engineer II will serve as a key technical expert within the Security Operations Center (SOC), responsible for leading the design, implementation, and optimization of security monitoring and incident response technologies. In this hands-on role, you will work closely with SOC analysts and other security professionals to enhance the organization’s ability to detect, respond to, and mitigate security threats. As a senior engineer, you will also be responsible for threat detection and analysis, automation of security processes, and maintaining a strong security posture through continuous improvement of the SOC infrastructure.
In addition to handling high-level security engineering tasks, you will mentor junior SOC analysts and engineers, providing technical guidance and fostering a culture of continuous improvement. You will also serve as the SOC’s subject matter expert for emerging threats, advanced persistent threats (APTs), and cutting-edge security technologies.
Primary Duties:
- Engineer and implement security solutions that enhance the SOC’s ability to prevent, detect, and respond to security incidents across cloud environments (AWS, GCP and Azure).
- Lead the design, deployment, and maintenance of security monitoring infrastructure, including SIEM, IDS/IPS, EDR, and firewalls.
- Develop and maintain detailed incident response playbooks and procedures, ensuring alignment with industry best practices.
- Provide expert analysis of security events, correlating data from various sources (network, endpoint, application) to gain a holistic view of potential threats.
- Assist in containment and remediation strategies for cyber incidents, coordinating with internal teams to ensure swift resolution.
- Mentor and provide guidance to junior SOC engineers and analysts, helping them develop their technical skills and grow in their roles.
Minimum Qualifications:
- Bachelor’s degree in Computer Science, Information Security, or a related field.
- 7+ years of hands-on experience in cybersecurity, with a strong focus on SOC engineering, threat detection, and incident response.
- Expertise in managing and optimizing SIEM platforms (e.g., Sumo Logic), EDR tools, IDS/IPS, and firewalls.
- Hands-on experience in threat intelligence, threat hunting, and advanced log analysis for incident detection and response.
- Understanding of security frameworks and methodologies, such as MITRE ATT&CK, NIST, ISO 27001, or CIS Controls.
- Familiarity with cloud security tools and techniques for monitoring and securing workloads in AWS, Azure, or GCP environments.
Preferred Knowledge, Skills, and/or Abilities:
Strongly Preferred:
- In-depth knowledge of security operations, including SIEM, EDR, IDS/IPS, malware analysis, and vulnerability management tools.
- Experience working with cloud security technologies (AWS, Azure, GCP), including monitoring, logging, and incident response in cloud environments.
- Experience in developing and deploying automation scripts (e.g., Python, PowerShell) to perform routine tasks such as log analysis, threat detection, and incident response.
- Act as the technical lead in investigating, analyzing, and responding to complex security incidents and remediation efforts.
- Experience in evaluating new security technologies and making recommendations to enhance the organization’s defensive capabilities.
- Hands-on experience in malware analysis, reverse engineering, and digital forensics.
- Experience in advanced log and network traffic analysis to identify security incidents, trends, and anomalous behaviors.
Preferred:
- Certifications such as CISSP, GCIH, GCIA, CEH, OSCP, or GIAC are preferred.