A SOC Engineer (Security Operations Center Engineer) is responsible for maintaining the security of an organization's IT infrastructure by monitoring, detecting, and responding to security incidents. Below is a typical job description for this role, including key responsibilities:
Roles and Responsibilities:
• Monitoring and Incident Detection:
    • Continuously monitor security alerts and notifications from various security tools and technologies (e.g., SIEM systems, IDS/IPS, firewalls, etc.).
    • Investigate security incidents and potential threats.
    • Perform triage and prioritize incidents based on severity and impact.
    • Detect, analyze, and report any abnormal activity or potential threats in the network.
• Incident Response and Mitigation:
    • Lead or assist in the response to security incidents, ensuring proper containment, eradication, and recovery procedures are followed.
    • Work with other teams (e.g., IT, network, and system admins) to mitigate security incidents and vulnerabilities.
    • Provide guidance on handling and escalating incidents based on predefined escalation paths.
• Security Tools and Technology Management:
    • Manage, configure, and optimize security tools (such as SIEM, firewalls, and antivirus software) to enhance security operations.
    • Maintain logs and ensure the integrity of security infrastructure tools and devices.
    • Implement and update security protocols to ensure the organization’s systems and data are protected.
• Threat Intelligence and Vulnerability Management:
    • Collect and analyze threat intelligence data from various sources to identify emerging security threats and vulnerabilities.
    • Perform vulnerability assessments and recommend remediation actions based on findings.
    • Assist with patch management and ensure timely deployment of security patches.
• Reporting and Documentation:
    • Document security incidents, actions taken, and lessons learned to improve future responses and security posture.
    • Generate reports on security incidents, system performance, and security operations metrics.
    • Present regular status updates on security incidents and trends to management.
• Collaboration and Communication:
    • Collaborate with other teams (network security, IT, DevOps, etc.) to ensure a holistic security approach.
    • Communicate effectively with internal teams and external vendors to resolve security issues.
    • Provide training and knowledge transfer on security best practices to other employees.
• Continuous Improvement:
    • Continuously assess and improve the effectiveness of security tools and processes.
    • Research new security technologies and trends to stay ahead of potential threats.
    • Participate in ongoing security awareness programs and training.
• Compliance and Standards Adherence:
    • Ensure that security operations comply with relevant industry standards, regulations, and best practices (e.g., GDPR, HIPAA, PCI DSS).
    • Perform regular audits and assessments to ensure compliance with security policies.
Job Type: Full-time
Pay: QAR13,000.00 - QAR15,000.00 per month
Education:
• Bachelor's (Required)
Experience:
• SOC: 3 years (Required)
License/Certification:
• Computer Science or Information Technology (Required)
Location:
• Doha (Required)