Senior SOC Engineer Job in Orion Systems

Senior SOC Engineer

Job Summary

Key Responsibilities

  • Incident Response & Escalation: Serve as the Level 3 escalation point for analyzing and responding to security incidents originating from various security technologies and platforms.
  • Continuous Optimization: Continuously optimize security solutions to minimize false positive and false negative alerts, ensuring accurate detection of security threats.
  • Platform Health Testing: Conduct regular platform health tests to ensure the effectiveness and efficiency of security solutions.
  • Automation & Process Improvement: Promote the use of automation and process simplification to reduce threat dwell time and enhance incident response efficiency.
  • Log Analysis: Lead the ingestion and analysis of logs from systems and applications into the Security Information and Event Management (SIEM) platform to improve incident analysis and response.
  • Collaboration: Work closely with the Penetration Test Team, Cyber Hunt Team, Threat Intelligence, and other internal teams to improve the organization's cybersecurity posture.
  • Team Development: Mentor and develop junior SOC analysts to enhance their skills and improve team effectiveness in responding to security incidents.
  • Threat Intelligence & Threat Hunting: Participate in proactive threat intelligence and hunting activities to identify and mitigate emerging threats.
  • Industry Engagement: Build and maintain relationships with external partners, vendors, and industry peers to stay informed about emerging threats, best practices, and new technologies.
  • Proof-of-Concept (PoC) Development: Contribute to proof-of-concept assessments of new security products and solutions to ensure alignment with security requirements.
  • Cybersecurity Landscape Awareness: Stay up-to-date with the evolving cybersecurity landscape and recommend proactive measures to improve security defenses.

Technical Competencies & Experience

  • Malware Analysis: Expertise in analyzing malware to understand its properties and behaviors and recommending appropriate mitigation strategies.
  • User Behavior Analysis: Skilled in reconstructing user activities to identify patterns of malicious behavior.
  • Log Analysis & Correlation: Proficient in log analysis, correlation, and the use of SIEM tools to detect and analyze security incidents.
  • Network & Endpoint Security: In-depth knowledge of network security (IPS/IDS), enterprise endpoint security, email security, and security protocols across operating systems (Windows, Unix, Linux) and cloud platforms (AWS, Azure, GCP).
  • Security Tools Expertise: Familiarity with leading-edge security solutions like XSIAM, Nexpose, Metasploit, Proofpoint, and R7 Insight IVM.
  • Incident Response Methodologies: Extensive experience with incident response frameworks and the ability to work across teams to mitigate security incidents.
  • Security Technologies: Strong understanding of SIEM, IDS/IPS, EDR, threat intelligence, vulnerability management, and risk assessment frameworks.
  • Leadership Skills: Proven ability to lead and communicate effectively with senior management, external vendors, and technical teams to articulate security events and solutions clearly.
  • Programming/Scripting: Familiarity with programming or scripting languages like Python, Perl, or Ruby to support automation and tool development efforts.

Qualifications

  • Experience: 7+ years of experience in managed security operations, incident response, and SOC engineering, with a proven track record in leading complex security investigations and responses.
  • Education: Bachelor's degree in Computer Science, Information Security, or a related field (Master's degree preferred).
  • Certifications: Relevant certifications such as CISSP, CISM, GCIH, GNFA, GIAC, or equivalent are highly desirable.
  • Technical Skills: Expertise in security technologies such as SIEM, IDS/IPS, EDR, and cloud security platforms (AWS, Azure, GCP).
  • Problem Solving: Exceptional problem-solving skills with the ability to manage multiple security incidents simultaneously in a fast-paced environment.
  • Communication: Strong communication skills, with the ability to explain complex security concepts to both technical and non-technical stakeholders.
  • Leadership: Proven leadership and mentoring skills, with the ability to guide and develop junior SOC analysts.

Qualification:
Bachelor's degree in Computer Science, Information Security, or a related field (Master's degree preferred).

Experience Required:
Minimum 7 Years

Vacancy:
2 - 4 Hires
