Key Responsibilities
1. Technical Leadership and Delivery
- Provide hands-on technical leadership in the design, deployment, and optimization of SOC-related technologies (SIEM, SOAR, TIP, UEBA, BAS, Data Streaming, etc.).
- Act as the technical authority for solution design, integration, and performance validation across hybrid and multi-cloud environments.
- Lead complex client implementations, ensuring solutions meet functional and security requirements.
- Mentor and guide engineers in advanced SOC technologies, detection engineering, and automation best practices.
- Support project managers in technical planning, risk mitigation, and quality assurance.
2. Advanced Analytics Engineering
- Develop and fine-tune advanced detection, correlation, and automation content for SOC platforms.
- Build and enhance Detection-as-Code and Automated Response Frameworks, integrating with AI/ML and Threat Intelligence pipelines.
- Design and implement scalable data pipelines and enrichment workflows to support large-scale analytics.
- Conduct architecture and performance reviews to continuously improve visibility, detection fidelity, and response efficiency.
3. Presales and Solution Design
- Collaborate with sales and solution teams to participate in technical discussions, proof-of-value (POV) exercises, and proposal development.
- Design solution architectures, prepare BOMs, and develop scopes of work (SOWs) for client proposals and tenders.
- Deliver technical presentations, demonstrations, and workshops to clients and prospects.
- Evaluate emerging technologies and recommend innovations to enhance SOC capabilities.
4. Technical Governance and Support
- Establish and maintain governance frameworks for detection content, response playbooks, and integrations.
- Provide advanced troubleshooting and escalation support for complex SOC environments.
- Develop and maintain detailed technical documentation, configuration baselines, and operational guides.
Qualifications and Requirements
- Bachelor's Degree in Computer Science, Information Technology, or Cybersecurity, or equivalent experience.
- 5–8 years of hands-on cybersecurity experience, including deployment and management of SOC technologies.
- Proven technical leadership in SOC engineering or advanced analytics domains.
- Deep expertise in at least two of the following:
- SIEM/XDR/UEBA: Splunk, Elastic, Exabeam, Microsoft Sentinel, Google SecOps, Crowdstrike, Palo Alto XDR
- SOAR: Cortex XSOAR, Splunk SOAR, or equivalents
- TIP: Anomali, EclectiqIQ, or similar platforms
- BAS/Data Streaming: Cymulate, AttackIQ, Cribl, Confluent, etc.
- Experience with DevSecOps, CI/CD automation, or Cloud environments (AWS, Azure, GCP).
- Strong problem-solving and troubleshooting skills, capable of resolving complex technical escalations.
- Excellent communication and documentation skills; comfortable engaging with technical and non-technical stakeholders.
- Professional certifications such as SANS, ISC2, Splunk, Elastic, or Cloud Security credentials are advantageous.
- A passion for cybersecurity innovation, continuous learning, and elevating technical standards across the team.
