L3 SOC Engineer / Analyst

Threat Intelligence:

• Integrate threat intelligence into security operations to enhance detection and response capabilities.


• Research and analyze advanced cyber threats and TTPs (Tactics, Techniques, and Procedures).

Advanced Security Analysis:

• Conduct in-depth analysis of advanced persistent threats (APTs) and other sophisticated attacks.


• Develop custom signatures and detection mechanisms for unique threats.

Forensic Expertise:

• Provide expert-level digital forensics and incident investigation support.


• Collaborate with law enforcement or external agencies when necessary.

Security Architecture and Design:

• Contribute to the design and implementation of secure network architectures.


• Assess and recommend improvements to security infrastructure.

Advanced Tool Management:

• Manage and optimize advanced security tools, such as threat intelligence platforms, sandboxing solutions, and advanced endpoint protection systems.

Policy and Compliance:

• Contribute to the development and enforcement of security policies and standards.


• Ensure compliance with industry regulations and standards.

Continuous Improvement:

• Drive continuous improvement initiatives within the SOC.


• Evaluate and implement new technologies and methodologies to enhance security capabilities.

Qualification / Experience:

Responsibility:

• In-depth knowledge of multiple cloud platforms such as AWS, Azure, Google Cloud, and others.


• Understanding of cloud-specific services and features.

Cloud Security Fundamentals:

• Familiarity with cloud security principles and best practices.


• Knowledge of shared responsibility models in cloud environments.


• Identity and Access Management (IAM), Network Security, Data Encryption, Key Management System.

Security Compliance:

• Understanding of regulatory requirements and compliance frameworks relevant to cloud environments.


• Experience implementing and maintaining compliance controls.

Cloud Security Services:

• Familiarity with cloud-native security services such as AWS GuardDuty, Azure Security Center, and Google Cloud Security Command Center.

Container Security:

• Experience securing containerized environments (e.g., Docker, Kubernetes) in the cloud.


• Knowledge of container orchestration security best practices.

DevSecOps:

• Integration of security into the DevOps pipeline.


• Familiarity with tools for automated security testing and code analysis.

Cloud Security Monitoring:

• Proficiency in setting up and configuring cloud-native security monitoring solutions.


• Knowledge of log management and analysis in a multi-cloud context.

Threat Intelligence:

• Integration of threat intelligence feeds into cloud security monitoring.


• Ability to analyze and respond to cloud- specific threats.

Scripting and Automation:

Experience with Infrastructure as Code (IaC) tools like Terraform or AWS Cloud Formation.

Risk Assessment and Management:

• Conducting risk assessments for cloud environments.


• Developing and implementing risk mitigation strategies.


• A Multi-Cloud Security Engineer should possess a holistic understanding of cloud technologies, strong cybersecurity fundamentals, and the ability to adapt to the dynamic nature of cloud security.


• Regularly updating skills and knowledge is crucial in this rapidly evolving field.