SIEM SOC Engineer

Abu Dhabi Tax Free | 2 days ago | Contractor External
Negotiable
A leading cybersecurity company in Abu Dhabi is hiring a SOC Engineer (SIEM) for a 6-month extendable contract.

Responsibilities
• Support SIEM operations and engineering activities within the SOC.
• Handle first-level SIEM and log source issues, including health checks and telemetry validation.
• Assist with onboarding and configuring new log sources across cloud, on-prem, and network environments.
• Optimize SIEM performance and enhance detection telemetry (Splunk, Sentinel, QRadar, LogRhythm, etc.).
• Troubleshoot ingestion issues, parsing errors, and data pipeline gaps.
• Support rule tuning, alert optimization, and SIEM hygiene tasks.
• Contribute to Splunk/Sentinel maintenance, updates, and best-practice improvements.
• Provide reporting and documentation related to SIEM operations.
• Collaborate closely with SOC analysts, engineers, and customer teams to resolve technical issues.

Requirements
• Strong experience with SIEM platforms such as Microsoft Sentinel, Splunk, QRadar, LogRhythm, or FortiSIEM.
• Hands-on ability to diagnose log onboarding, ingestion, cloud connectors, and network log issues.
• Experience in SOC environments (minimum 7 years preferred).
• Python scripting knowledge for automation and data parsing.
• Foundation in cloud (Azure preferred) and network technologies (TCP/IP, firewalls, proxies, etc.).
• Understanding of SOC workflows, detection, health checks, and incident support.
• Strong communication and problem-solving skills.

Preferred Certifications
• Splunk Certified Admin/Architect
• Microsoft SC-200
• Other SIEM, cloud, or network certifications (Azure, AWS, GCP, CCNA)