Lead the SOC team in providing a secure environment through continuous management and coordination of Security Information and Event Management (SIEM) systems.
Design and implement enterprise SecOps architecture (SIEM, SOAR, EDR/XDR, Threat Intelligence, IAM integration)
Define log collection strategy across cloud, on-prem, SaaS, endpoints, and network
Architect detection strategy aligned to MITRE ATT&CK
Establish monitoring coverage and telemetry standards
Deploy and configure SIEM/XDR platforms
Develop detection rules and use cases
Integrate security tools (EDR, NDR, IAM, cloud security, vulnerability management)
Build SOAR playbooks and automation workflows
Establish alert tuning and noise reduction process
Develop incident response procedures and runbooks
Define severity classification and escalation matrix
Establish SLA/SLO for detection and response
Build case management and ticketing workflows
Implement threat hunting lifecycle
Conduct tabletop exercises
Align SecOps to: NIST CSF, ISO 27001, MITRE ATT&CK, CIS Controls
Support audits and regulatory assessments
Document architecture and processes

Bachelor’s degree in computer science, cybersecurity, or a related field.
0-2 years of experience in SOC Engineering scope.
Experience in Security Operations / SOC
Hands-on experience with SIEM platforms (e.g., Splunk, Sentinel, QRadar, Elastic)
Strong knowledge of MITRE ATT&CK mapping
Experience deploying EDR/XDR solutions
Incident response and digital forensics experience
Log parsing and query writing (KQL, SPL, etc.)
Strong analytical, problem-solving, and decision-making skills.
Excellent communication and leadership abilities.
Relevant certifications (e.g., CISSP, CISM, CEH) are highly preferred.

T&T Analyst – Security Operations Center (SOC) Engineer

Key skills