Lead the SOC team in providing a secure environment through continuous management and coordination of Security Information and Event Management (SIEM) systems.
Oversee security operations, identifying and mitigating cyber risks, and ensuring robust security measures are in place to protect our clients.
Design and implement enterprise SecOps architecture (SIEM, SOAR, EDR/XDR, Threat Intelligence, IAM integration)
Define log collection strategy across cloud, on-prem, SaaS, endpoints, and network
Architect detection strategy aligned to MITRE ATT&CK
Establish monitoring coverage and telemetry standards
Deploy and configure SIEM/XDR platforms
Develop detection rules and use cases
Integrate security tools (EDR, NDR, IAM, cloud security, vulnerability management)
Build SOAR playbooks and automation workflows
Develop incident response procedures and runbooks
Define severity classification and escalation matrix
Align SecOps to: NIST CSF, ISO 27001, MITRE ATT&CK, CIS Controls

Bachelor’s degree in computer science, cybersecurity, or a related field.
4-6 years of experience in SOC Engineering scope.
Experience in Security Operations / SOC
Hands-on experience with SIEM platforms (e.g., Splunk, Sentinel, QRadar, Elastic)
Strong knowledge of MITRE ATT&CK mapping
Experience deploying EDR/XDR solutions
Incident response and digital forensics experience
Log parsing and query writing (KQL, SPL, etc.)
Strong analytical, problem-solving, and decision-making skills.
Excellent communication and leadership abilities.
Relevant certifications (e.g., CISSP, CISM, CEH) are highly preferred.

T&T Consultant – SOC Engineer

Key skills