Job Description
Job Overview
The ideal candidate will be responsible for implementing, integrating, and maintaining all security solutions required by our Security Operations Center (SOC). The role involves close collaboration with the SOC team to ensure the continuous improvement and efficiency of security systems such as SIEM and SOAR. The Cybersecurity Engineer will also focus on troubleshooting, documentation, and automation to enhance operational workflows.
Job Responsibilities
- Implement, integrate, and maintain all security solutions required for SOC services, including SIEM and SOAR.
- Recommend and develop SOAR playbooks to streamline incident response and automation.
- Implement new detection use cases in the SIEM solution to enhance threat detection capabilities.
- Troubleshoot and resolve any issues related to SOC components, ensuring minimal downtime.
- Write clear and comprehensive documentation for tasks such as SOAR playbooks, implementations, and troubleshooting procedures.
- Conduct daily health checks on all SOC components to ensure optimal performance.
- Deliver daily, weekly, and monthly health check reports on SOC components to the SOC Manager.
- Automate regular tasks, such as health checks and the resolution of frequent failures, to improve efficiency.
- Collaborate with the SOC team to ensure continuous enhancement of security posture and response.
Job Requirements
- University Degree in Computer Science, Computer Engineering, or a related discipline
- 2-4 years of information security experience with a focus on SIEM engineering.
- Strong understanding of various operating systems and their administration (Windows, Linux, etc.).
- Excellent knowledge of networking concepts and protocols.
- In-depth knowledge of different log sources (e.g., Windows, Sysmon, Linux, Auditd, WAF, Firewall, EDR, Antivirus).
- Proficient in working with SOC environments and SIEM solutions.
- Intermediate proficiency in two or more scripting languages (e.g., Python, PowerShell, Bash).
- Familiarity with the MITRE ATT&CK and MITRE D3FEND frameworks for threat analysis and defense strategies.
- Experience with rule-based detection formats and tools such as Sigma, YARA, and Suricata.
- Understanding of IOC sharing standards such as STIX/TAXII.
- Strong problem-solving skills and an innovative mindset to improve security processes.
- Excellent communication and presentation skills with a focus on teamwork.
- A continuous learning mentality, staying up to date with the latest trends in cybersecurity.