Cyber Security Operations Engineer (SOC, Incident Response, Managing Security Devices)
An established organization is looking for a seasoned cybersecurity professional to run its security operations centre (SOC), lead incident response, manage the organisation's security devices, and own security governance, ensuring compliance with the applicable regulatory standards and frameworks.
Key Responsibilities
Security Operations
- Oversee the day-to-day operation of security systems and controls across IT and network infrastructure.
- Manage and fine-tune technologies such as SIEM, SOAR, EDR, IAM, DLP, and firewall systems.
- Monitor threats, respond to security events, and lead escalation and remediation processes.
- Ensure 24/7 readiness of incident response through defined playbooks and coordination with internal teams and service providers.
Security Device Management
- Provide technical guidance and oversight across a broad range of security technologies, including:
  - Firewalls: Palo Alto, Fortinet, Checkpoint
  - EDR/AV: CrowdStrike, Trellix, Microsoft Defender
  - SIEM/SOAR: Splunk, QRadar, Elastic, XSOAR
  - IAM: CyberArk, Nokia IAM
  - DDoS/DLP/VPN/NAC: Cloudflare, Forcepoint, Cisco, Fortinet
- Ensure systems are securely configured, patched, and aligned with hardening baselines.
- Maintain and update documentation for processes, systems, and configurations.
Threat Intelligence & Response
- Stay updated on emerging cyber threats and attack techniques.
- Perform threat modelling and lead red/blue team exercises to test incident readiness.
- Investigate security breaches and coordinate incident handling to minimise impact.
- Deliver clear, timely incident reports and updates to stakeholders.
Governance, Risk & Compliance
- Develop, implement, and maintain cybersecurity policies, standards, and procedures.
- Lead regular risk assessments, audits, and compliance reviews.
- Align security practices with global standards (e.g., ISO 27001, NIST, CIS) and local regulations (e.g., Cybersecurity Act, TCS Code).
- Champion awareness and training programs to strengthen cyber hygiene across the organisation.
Project & Delivery Management
- Lead and deliver cybersecurity projects, including tool deployments, upgrades, and architecture improvements.
- Collaborate with internal stakeholders, third-party vendors, and integrators to meet project goals.
- Manage timelines, budgets, risk mitigation, and overall delivery quality.
Experience required:
- Hands-on experience in SOC operations, incident response, and the management of security devices.
- A degree in Information Security, Computer Science, or related discipline.
- Over 5 years of proven experience in cybersecurity operations, incident response, and governance.
- Hands-on knowledge of enterprise security systems and threat detection tools.
- Strong understanding of cloud, networking, and endpoint security principles.
- Familiarity with frameworks like MITRE ATT&CK and regulatory requirements in the region.
- Industry certifications such as CISSP, CISM, CISA, or CEH are a strong advantage.
Feel free to reach out at [Confidential Information] for more details.
Reg. No. R1878306
EA License no.: 16S8066