Security Operations Center

Security Operations Center (SOC) Engineer

ICE Consulting is seeking a talented Security Operations Center (SOC) Engineer to join our team. The SOC Engineer will work as part of the SOC team to monitor and analyze the environment, identify and respond to security threats, and lead efforts to improve the company's security posture. The engineer is expected to provide thought leadership and technical mentorship on how to respond to security incidents based on security best practices.

We are a privately owned leading Managed IT Services company (Managed Service Provider) since 1997, specializing in managed IT and managed security services for small to medium-sized enterprises. We seek highly passionate individuals to join our team and contribute to growth and success.

Responsibilities

• Developing and implementing SIEM solutions internally and for clients, including candidates who have strong experience in assessing and implementing SIEM and other operational tools and processes for a Security Operations Centre (SOC).
• Develop content for a complex and growing SIEM infrastructure, including use cases, dashboards, active channels, reports, rules, filters, trends, and active lab sessions.
• Administer, operate, and manage SIEM platform health, including log sources, parsers, alerts, and reports to ensure the platform operates as planned.
• Monitor SIEM and other event sources, assess, prioritize, escalate, and manage security alerts.
• Analyze security, network, database, and application logs; correlate events to create threat scenarios to stay ahead of threat actors and reduce exposure.
• Lead imminent threat/zero-day response across the environment.
• Translate threat intelligence into actionable security measures across tools such as firewalls, IDS/IPS, and malware detection across multiple vendor platforms.
• Track and resolve security incidents on a regular basis; collaborate with other teams for resolution and identify areas for improvement.
• Build and/or operate custom connectors/parsers to integrate devices or IT assets not supported out of the box.
• Own and operate key security solutions designed to protect the company from cyber threats and attacks.
• Lead in deploying new solutions and technologies to improve the security posture of the company.
• Continuously fine-tune security solutions to reduce false positives and false negatives.
• Work with MITRE framework for cyber adversary tactics and techniques.

Must have working knowledge of SIEM solutions such as QRadar, Sentinel, Splunk, LogRhythm, or Open Source SIEM (Wazuh, ELK).

Requirements

• The ideal candidate will have deep technical knowledge of the following:
• System security and SIEM implementation experience
• Experience with Security Event Management from technology/tool and process perspectives
• TCP/IP networking knowledge and familiarity with major protocols (HTTP, SSL/TLS, DNS, SMTP)
• Experience with SIEM, vulnerability scanning tools (Nexpose, Metasploit), File Integrity Monitoring, and Data Loss Prevention
• Development of security scripts in PowerShell or Python for automated detection and scanning
• Network stream analysis using PCAP data and packet reconstruction
• Experience executing on Incident Response Frameworks such as NIST, SANS
• Current knowledge of security threats, solutions, tools, and network technologies
• Understanding of information security and compliance regulations (ISO 27001, PCI DSS, GDPR)
• Strong diagnostic and problem-solving skills; ability to troubleshoot technical issues
• Fluency in English, written and spoken
• Excellent documentation skills
• Ability to work independently and as a team player
• Occasional travel may be required

Education & Qualifications

• 2 to 5 years of professional experience
• Bachelor's Degree in an IT-related discipline
• In lieu of certifications, at least 2 years of information security, auditing, or risk management experience

Seniority level

• Mid-Senior level

Employment type

• Full-time

Job function

• Information Technology

Industries

• IT Services and IT Consulting

Referrals increase your chances of interviewing at ICE Consulting - Managed IT & Cybersecurity for Life Sciences.

#J-18808-Ljbffr

---