SOC Detection Engineer - Remote

Overview

A SOC (Security Operations Center) Detection Engineer is a critical member of the cybersecurity team, responsible for designing, implementing, and maintaining systems and methodologies for detecting and responding to cyber threats. This professional plays a central role in identifying vulnerabilities, monitoring network activities, and ensuring the organization's digital assets are safeguarded against malicious actors.

In Short

• Develop and maintain log collection, analysis, and monitoring systems to identify suspicious activities.
• Analyze network traffic, endpoint data, and system logs to detect anomalies and indicators of compromise (IoCs).
• Identify emerging threats and vulnerabilities by staying updated with the latest intelligence and threat trends.
• Collaborate with SOC analysts to investigate and respond to security incidents.
• Provide technical expertise in triaging and resolving incidents while minimizing impact on operations.
• Design and document incident response procedures for rapid and effective action.
• Develop scripts and tools to automate repetitive detection tasks and enhance operational efficiency.
• Work closely with IT, network, and development teams to ensure security best practices are implemented.
• Communicate findings and recommendations effectively to stakeholders, including non-technical audiences.
• Contribute to the creation of educational materials and workshops to train staff on cybersecurity awareness.

Requirements

• Proficiency in Microsoft tools and platforms, such as Microsoft Sentinel for SIEM operations.
• Strong understanding of Microsoft networking protocols, Active Directory, Azure environments, and firewall configurations.
• Experience with scripting in PowerShell for automation and debugging.
• Ability to analyze complex datasets and extract actionable intelligence.
• Strong troubleshooting skills to identify root causes of potential threats.
• Proven ability to think critically under pressure and make sound decisions during incidents.
• Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or a related field.
• Minimum of 2-3 years of experience in cybersecurity or SOC operations.
• Hands-on experience with threat intelligence platforms and detection methodologies.
• Attention to Detail and adaptability to respond to evolving cybersecurity threats.

Benefits

• Work in a dynamic and evolving field of cybersecurity.
• Opportunity for continuous learning and professional development.
• Collaborate with a team of cybersecurity professionals.
• Contribute to the creation of educational materials and workshops.
• Be part of an organization that values diversity and equal opportunity.