about the company
A global MNC with expertise in IT services is looking to expand its team!
about the job
As a member of the Security Operations Centre (SOC) team, the Security Operations Centre Engineer is responsible for monitoring the environment, recognising security threats that could endanger the firm, and taking appropriate action. The engineer will own the cutting-edge product(s) used to enhance the company's security posture, and is expected to provide thought leadership and sound technical mentoring, drawing on their domain expertise, on how to respond to security incidents.
In coordination with asset owners and compliance officers, the engineer also develops and puts into practice use cases for event correlation, threat monitoring, and alerting (thresholds).
about the team | manager
You’ll be reporting to the group Head of SOC, who has demonstrated significant mastery of both technical knowledge and people management.
skills and experience required
... - Conduct cybersecurity vulnerability assessments and take part in vulnerability management and security incident management processes.
- Assess newly identified software and hardware vulnerabilities and take appropriate action.
- Support incident response for events that warrant action.
- Analyse threats and vulnerabilities and offer security advice.
- Work with the tier 2 incident response team to maintain and improve the performance of the security platform.
- Maintain and enhance the vulnerability management programme, coordinate penetration testing, and run and maintain the SOC tool stack.
- Improve SOC systems, processes, and practices.
- Record technical procedures and security protocols, and keep documentation current.
- Investigate cutting-edge tools and technologies for cybersecurity innovation.
- Develop vulnerability scanning and assessment capabilities.
- Design and implement use cases for the SIEM tool.
- Take part in threat modelling, threat hunting, and threat intelligence activities.
- Be accountable for the design, testing, and implementation of sophisticated IT security solutions.
- Make SOC system operations more effective and efficient.
- A bachelor's degree, preferably in information security, computer science, or computer engineering, or demonstrable equivalent knowledge and skills.
- Professional information security credentials are desired, such as CISSP, CISM, CISA, GCIA, GCIH, AZ-900, MS-500, AZ-500, or SC-200.
- Excellent knowledge of malware handling, vulnerability management, and security incident management processes, as well as a broad range of cyberattacks and current attacker techniques.
- Strong understanding of TCP/IP, WANs, LANs, and commonly used Internet protocols including SMTP, HTTP, FTP, POP, and LDAP.
- A solid grasp of how and why SIEM rules and filters are built, and of integrating diverse event sources with SIEM tools (Splunk, QRadar).
- Excellent SQL and scripting/programming skills (PowerShell, Python, Shell, Bash, Java, etc.).
- Good Docker administration experience.
- Excellent security engineering skills in a cloud context (Azure, AWS, Google Cloud).
- Good working knowledge of Microsoft security products (Microsoft Sentinel, Microsoft Defender for Cloud, Microsoft 365 Defender, etc.).
- Familiarity with operating system fundamentals, virtualisation technologies, network devices, cloud computing principles, web proxies, firewalls, intrusion detection/prevention systems, antivirus systems, data loss prevention, and vulnerability assessment tools.
how to apply
If you are ready to take the next leap in your career, use the 'apply' function. You may reach out to our Cybersecurity Recruitment Consultant: Prassath Jay | prassath.jay@randstad.com.my | LinkedIn | for a confidential chat.
For more Cybersecurity jobs, visit the Randstad Website and drop your profile.