Soc Engineer

Job Description

Your Responsibilities

Collaborate with Incident Response teams across Bangalore and Dublin to monitor Protect/Detect/Response capabilities.

Serve as Incident Commander during US working hours, coordinating with business stakeholders, Incident Response, and forensic teams to rapidly and effectively resolve information security incidents.

Investigate incidents to identify root causes and document lessons learned.

Preferably, possess IT forensic skills to perform network and host-based forensics for incident root cause analysis.

Track, report incident status, and drive rapid resolution of incidents related to information risk management controls.

Liaise with authorities to support investigations and prosecutions when appropriate.

Take ownership of Security Operations tooling; manage SOC tools in business-as-usual operations and implement use cases to ensure smooth functioning of Security Operations and Response teams.

Identify and resolve issues affecting critical SOC technologies, applying automation to prevent incident recurrence.

Partner with Security Engineering teams to improve security posture, address risk, and solve scalability challenges.

Develop and implement proactive solutions to prevent potential problems before they occur.

Emphasize automation: eliminate manual processes by investigating causes and instituting permanent fixes.

Build analytics and self-service tools to empower Incident Response teams with actionable data, enabling quick response times.

Mentor fellow SOC engineers, shape our technical culture, and contribute to the growth of our team.

Your Qualifications

Degree in Computer Science, Software Engineering, Information Technology, Cybersecurity, or a related field preferred.

3+ years of relevant experience in a SOC environment investigating cybersecurity incidents; DevSecOps or CloudOps experience is a plus.

Experience managing and responding to security incidents in cloud environments.

Strong working knowledge of at least one public cloud platform such as AWS, Azure, or GCP is required.

Solid understanding of Security Operations tools, Security Engineering, Linux/Unix operating systems, and underlying components.

Networking fundamentals knowledge.

Experience in log management and dashboard creation using tools like Elastic Stack, Sumo Logic, or Grafana Cloud.

Hands-on experience maintaining security tools such as SIEM, ELK, Splunk, XDR, Web Application Firewalls (WAF), Key Management Systems (KMS), and Identity and Access Management (IAM) tools.

Strong analytical skills, mental resilience, and the ability to think systematically under pressure.

Highly accountable with a strong sense of ownership.

Excellent work ethic, integrity, team-oriented, and a continuous learner.

Strong interpersonal skills enabling effective communication and collaboration organization-wide.