1. Home
  2. Jobs
  3. SOC Integration Engineer/Senior Engineer
Cybersecurity Onsite

SOC Integration Engineer/Senior Engineer

Commercial International Bank
Cairo - Egypt Listed 3 weeks ago 3-6 years via Naukrigulf
java python docker linux soc siem security

Job Description Roles & Responsibilities * 1. Ensure that all log sources are reporting to the SIEM platform in order to maintain the availability of the logs. 2. Ensure all the integrated assets are reporting to their relevant solution (such as Data Activity Monitor, File Integrity Monitor, Firewall Monitor, SOAR, or TIP) 3. Monitor the log sources to make sure the log sources are sending proper logs that are used to identify incidents for reporting, detecting incidents and/or contextual data by designing and creating dashboards & periodical reports to ensure that all the integrations are functional and in healthy posture. 4. Implement and fine tune use cases over different SOC technologies (including but not limited to SIEM) as required by Security Intel team to identify incidents. 5. Implement Runbooks & automations for detection and response over SOAR platform. 6. Maintain & enhance TIP technology according to Threat Intel team operation requirements. 7. Integrate new commercial and non-commercial Threat Intel feeds with the TIP solution to enhance SOC detections, identifications, investigation and response. 8. Recommend, develop and release new integrations to maximize the benefits and efficiencies from a SOAR platform. 9. Generate reports as required by SOC management teams to be presented to the management to be used in further data analysis. 10. Work with IT systems owners to establish SIEM & SOAR technologies integrations to meet the strategic goals of identifying security incidents by defining Use Cases. 11. Deployment and Development of customized and non-customized SIEM connectors for supported and unsupported SOC log sources, and modify configuration files to achieve the full integrations with different log sources. 12. Develop scripts (Java, Python, Bash) whenever required for automating SOAR responses and SIEM log collection. 13. Fine tune collected log events to minimize false positive alerts. 14. Prepare reports to ensure compliance with the SOC requirements from regulatory and security perspectives. 15. Ensure effective records of log resources and SOC relevant platforms, to maintain the integrity and availability of all evidences used for incident response 16. Manage the continuous improvement of systems engineering processes and activities to enhance the efficiency and effectiveness of reporting and alerting. 17. Research, analyse and understand log sources utilized for the purpose of security monitoring, particularly security and networking devices (such as firewalls, routers, anti-virus products, proxies, EDR, operating systems, etc ), in order to increase effectiveness of the log correlation. 18. Provide technical inputs to management during proof-of-concept reviews for new security products to ensure alignment with the set policies and guidelines. 19. Provide technical guidance to the Security teams and/or the lines of business during investigations or incident response in order to help in the investigation and root cause analysis. Desired Candidate Profile * Qualifications & Experience Bachelor s degree of Engineering, Computer Science or equivalent. Minimum 3 - 6 years of experience in SIEM Technology platforms (5 - 8 years of experience for senior) Working knowledge of Information Security concepts and practices Very Good experience of the SIEM, SOAR, TIP, DAM and FIM solutions Knowledge of Data Activity Monitor and File Integrity Monitor solutions General network knowledge, TCP/IP Troubleshooting Familiarity with system log information and what it means Understanding of common network services (web, mail, DNS, DHCP, authentication) Strong shell scripting experience using Bash, and Python Knowledge of systems metrics and performance monitoring Experience with virtual environments and containers (Docker, LXC) Strong Linux and Windows knowledge Good understanding of Database concepts Recommended one or more of- the below certifications: o SIEM Vendor Related Certificates o SOAR Vendor Related Certificates o TIP vendor related certificates o SANS Global Information Assurance Certification (GIAC) o EC-Council CEH o CISM o CISSP Skills Very good command of English and Arabic language Good communication skills Company Industry BankingFinancial ServicesBroking Department / Functional Area IT Software Keywords SOC Integration Engineer/Senior Engineer Get real-time job updates only on our App

Ready to apply?

You are viewing this role on JobSphere AI. Applications are completed on the original employer / source website.

Apply on original site

Opens the employer's site in a new tab

  • CompanyCommercial International Bank
  • LocationCairo - Egypt
  • CategoryCybersecurity
  • SourceNaukrigulf
  • Listed3 weeks ago

Related Cybersecurity jobs

More Cybersecurity