Job description

Job Summary A Senior SOC (Security Operations Center) Engineer is responsible for leading the monitoring, detection, and response to security incidents and threats within the organization. This role requires extensive experience in cybersecurity operations, project leadership, and mentorship. The ideal candidate will have a deep understanding of cybersecurity principles, be able to work autonomously, manage multiple projects simultaneously, and take a proactive approach in improving security operations. Essential Job Duties Job Duty · Monitor security event logs, network traffic, and security alerts to identify potential security incidents or threats. · Continuously analyze security alerts from SIEM, IDS/IPS, firewalls, antivirus, and other security tools. · Investigate, respond, and lead remediation efforts for security incidents to ensure a coordinated response across teams. · Conduct post-incident analysis and forensic investigations to understand the scope of security breaches and provide recommendations for enhancements. · Develop and implement improvements to incident response processes and security controls. · Proactively search for new and emerging threats within the organization's network environment. · Research and analyze threat intelligence, implementing proactive measures to detect and mitigate risks. · Conduct vulnerability assessments and penetration testing, working with stakeholders to address identified weaknesses. · Recommend and enforce best security practices, policies, and procedures across the organization. · Lead and mentor SOC team members, providing guidance, training, and support to junior engineers. · Develop and conduct training programs for new SOC employees to ensure they are well-equipped to handle security incidents and investigations. · Serve as a subject matter expert (SME) and escalation point for complex security incidents and operational challenges. · Lead multiple security-related projects simultaneously, ensuring timely and effective execution. · Design, implement, and manage security tools and automation solutions to improve SOC efficiency. · Continuously evaluate and enhance security operations processes, identifying areas for improvement and automation. · Collaborate with cross-functional teams to align security initiatives with business objectives. · Communicate effectively with both technical and non-technical stakeholders regarding security concerns and solutions. · Provide regular reports and recommendations to leadership on security incidents, emerging threats, and security posture improvements. · Collaborate with external security organizations and threat intelligence communities to stay ahead of industry threats and trends. Job Qualifications Required Education, Experience, Certification/Licensure · A strong understanding and knowledge of computer, network, and security systems. · Strong analytical, critical thinking, and problem-solving skills. · Bachelor's degree in Computer Science/CyberSecurity, or equivalent work experience · Knowledge of basic security tools and principles like edge security, endpoint security, secure email gateway and SIEM along with other industry standard security tools · Minimum 3 years of relevant work experience in a SOC environment with cybersecurity, incident response, or security operations is typically required. · Understanding of cyber security operations, including daily monitoring and response to alerts and issues. · Basic understanding of security controls for common platforms and devices, including Windows, Mac and network equipment · Strong communication skills are essential for a SOC Engineer to effectively communicate with various stakeholders, including IT teams, management, and external entities. The ability to collaborate and work as part of a team is crucial in managing security incidents and coordinating response efforts. · Strong knowledge of security tools and principles including SIEM, IDS/IPS, firewalls, 2FA/MFA, and EDR, zero-trust models, and cloud security platforms (AWS, Azure, O365). · Experience with penetration testing, security event analysis, incident response, computer forensics, malware analysis or other areas of security operations · Ability to work independently and manage multiple projects simultaneously. · Excellent communication and collaboration skills, with the ability to effectively convey technical security information to diverse audiences. · Must be flexible with schedule. · Must be honest, responsible, self-motivated and very willing to learn. Knowledge, Skills and Abilities (KSAs) · Ability to lead, mentor, and train SOC team members. · Strong project management skills with the ability to handle multiple initiatives. · Perform all work and activities with honesty and integrity. · Ability to work overtime/extended hours as required. Will be required to provide after-hours support for infrastructure related emergencies, as needed, and occasional weekend maintenance. · Effectively communicate (and listen) clearly, professionally, politely and persuasively in all situations; respond well and in a reasonable, timely manner. · Challenge conventional practices and use creativity and information to lead, innovate, problem solve, and implement ideas to contribute to the growth of the organization. · Support and meet company/department goals and core values. · Collaborate with co-workers to achieve common goals. · Take personal responsibility for productivity, quality and timeliness of work. · Problem Solving/Analysis. · Technical Capacity. · Time Management. Other JOB requirements: Physical, Travel, Driving requirements Office / Sedentary Requirements Must be able to perform the essential job duties. Work is performed primarily in an office environment. Typically requires the ability to sit for extended periods of time (66%+ each work day), ability to hear the telephone, ability to enter data on a computer and may also require the ability to lift up to 25 pounds. Travel or Driving Requirements If required, provide the % of travel or driving time. · % of Travel Required: N/A · % of Driving Required: N/A The work environment characteristics described here are representative of those an employee encounters while performing the essential duties of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. The information in this position description indicates the general nature and level of work to be performed. It is not designed to be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job. Management reserves the right to revise the job description or require that other tasks be performed when the circumstances of the job change (for example, emergencies, change in personnel, workload, or technical development). This does not alter the nature of the at-will employment between the employer and employee where either party can end the relationship at any time, for any reason or no reason, with or without notice. Company DescriptionData Analysis Inc (DAI) is the parent company of a global group of privately held firms in fields ranging from institutional equity markets to digital investment news and information to omnichannel communication solutions. DAI provides leadership, oversight, and strategic direction and shapes the purpose, vision, and mission of these firms. Shared services include administration, finance, and human resources. DAI’s global team embraces an entrepreneurial focused environment fostering collaboration, teamwork, and creativity with a dynamic culture that emphasizes the value of its associates and their dedication to success. We strive to be leaders in our field, innovators with a history of being in the forefront of using technology to deliver our services.

Requirements