SECURITY OPERATIONS CENTER (SOC) ENGINEER
KMC Work Location: CYBER SIGMA
Location: Taguig City, Metro Manila
Date Posted: 2023-09-06
Hiring Organization: KMC Solutions | XTN-C3E9868
Career Category: Functional/Business Technology
Job Specification: Security Operations Center (SOC) Engineer
Position: Security Operations Center (SOC) Engineer Location: [Location] Type: Full-Time
Job Summary: We are seeking a highly motivated and skilled Security Operations Center (SOC) Engineer to join our dynamic IT security team. The SOC Engineer will play a critical role in managing security events, analysing Sentinel logs, and assisting in the implementation of best practices aligned with NIST guidelines and governance requirements. The ideal candidate should possess a strong technical background in cybersecurity, hands-on experience with security tools, and a proactive approach to identifying and mitigating security risks.
- Security Event Management:
o Monitor security events and alerts from various sources, including intrusion detection/prevention systems, firewalls, and security information and event management (SIEM) tools.
o Analyse and investigate security incidents to determine the scope, impact, and potential remediation steps.
o Respond to security incidents in a timely and effective manner, collaborating with cross-functional teams to mitigate threats.
- Sentinel Log Analysis:
o Review and analyse Sentinel logs to identify patterns, anomalies, and potential security breaches.
o Develop and maintain log analysis procedures and processes to enhance incident detection and response capabilities.
- FortiGate Firewall Management:
o Administer and update FortiGate firewalls to ensure proper configuration, rule management, and firmware updates.
o Collaborate with network team to define and implement firewall policies that align with security standards and business requirements.
- Best Practice Implementation:
o Assist in defining and implementing best practices for cybersecurity in alignment with NIST guidelines.
o Provide guidance and recommendations to IT team on security controls, policies, and procedures to enhance the overall security posture.
- Governance and Compliance:
o Contribute to the implementation and maintenance of governance controls related to IT security.
o Ensure compliance with industry standards and regulatory requirements, participating in audits and assessments as needed.
- Incident Response:
o Participate in incident response exercises and tabletop simulations to enhance incident handling capabilities.
o Collaborate with incident response team to develop and refine incident response plans.
- Documentation and Reporting:
o Maintain accurate and comprehensive documentation of security events, incident responses, and actions taken.
o Generate regular and ad-hoc security reports for management and relevant stakeholders.
- Bachelor's degree in Computer Science, Information Security, or related field.
- Proficiency in using SIEM tools, log analysis platforms, and firewall management consoles.
- Solid understanding of cybersecurity principles, best practices, and frameworks such as NIST.
- Strong analytical and problem-solving skills, with the ability to identify and respond to security incidents effectively.
- Excellent communication skills, both written and verbal, with the ability to communicate technical concepts to non-technical stakeholders.
- Proven ability to work collaboratively in cross-functional teams and adapt to a fast-paced and evolving security landscape.
- FortiGate experience.
- Experience in a hybrid Azure AD/Intune and local AD environment.
- Experience scripting in PowerShell and/or Python.
- Experience writing queries in KQL.
- Innovative mindset, the drive to change and improve the IT/security environment.
- Relevant certifications such as CompTIA Security+, CISSP, CISM, or equivalent.
- Competitive salary and benefits package
- Opportunities for professional growth and development
- Collaborative and innovative work environment
- Access to cutting-edge cybersecurity technologies and tools
If you are a dedicated SOC Engineer with a passion for security and a commitment to safeguarding our organisation's digital assets, we encourage you to apply.