SOC Engineer (Security Operations Center Engineer)

A SOC Engineer (Security Operations Center Engineer) is responsible for maintaining the security of an organization's IT infrastructure by monitoring, detecting, and responding to security incidents. Below is a typical job description for this role, including key responsibilities:

Certificates Required:

1. GCIH

2. FOR 508

3. GCFA

-skilled at: Penetration testing

Roles and Responsibilities:

• Monitoring and Incident Detection:
• Continuously monitor security alerts and notifications from various security tools and technologies (e.g., SIEM systems, IDS/IPS, firewalls, etc.).
• Investigate security incidents and potential threats.
• Perform triage and prioritize incidents based on severity and impact.
• Detect, analyze, and report any abnormal activity or potential threats in the network.
• Incident Response and Mitigation:
• Lead or assist in the response to security incidents, ensuring proper containment, eradication, and recovery procedures are followed.
• Work with other teams (e.g., IT, network, and system admins) to mitigate security incidents and vulnerabilities.
• Provide guidance on handling and escalating incidents based on predefined escalation paths.
• Security Tools and Technology Management:
• Manage, configure, and optimize security tools (such as SIEM, firewalls, and antivirus software) to enhance security operations.
• Maintain logs and ensure the integrity of security infrastructure tools and devices.
• Implement and update security protocols to ensure the organization’s systems and data are protected.
• Threat Intelligence and Vulnerability Management:
• Collect and analyze threat intelligence data from various sources to identify emerging security threats and vulnerabilities.
• Perform vulnerability assessments and recommend remediation actions based on findings.
• Assist with patch management and ensure timely deployment of security patches.
• Reporting and Documentation:
• Document security incidents, actions taken, and lessons learned to improve future responses and security posture.
• Generate reports on security incidents, system performance, and security operations metrics.
• Present regular status updates on security incidents and trends to management.
• Collaboration and Communication:
• Collaborate with other teams (network security, IT, DevOps, etc.) to ensure a holistic security approach.
• Communicate effectively with internal teams and external vendors to resolve security issues.
• Provide training and knowledge transfer on security best practices to other employees.
• Continuous Improvement:
• Continuously assess and improve the effectiveness of security tools and processes.
• Research new security technologies and trends to stay ahead of potential threats.
• Participate in ongoing security awareness programs and training.
• Compliance and Standards Adherence:
• Ensure that security operations comply with relevant industry standards, regulations, and best practices (e.g., GDPR, HIPAA, PCI DSS).
• Perform regular audits and assessments to ensure compliance with security policies.

Job Type: Full-time

Pay: QAR13,000.00 - QAR15,000.00 per month

Education:

• Bachelor's (Required)

Experience:

• SOC: 4 years (Required)
• Penetration testing : 1 year (Preferred)

Language:

• Arabic (Preferred)
• English (Preferred)

License/Certification:

• Computer Science or Information Technology (Required)
• GCIH (Preferred)
• FOR 508 (Preferred)
• GCFA (Preferred)