The SOC Engineer / SOC Technologist is responsible for deploying, configuring, and maintaining SOC platforms including SIEM, SOAR, endpoint protection, logging pipelines, and threat analysis systems. This role requires strong Linux administration skills, experience integrating security tools, and experience supporting SOC teams.
Key Responsibilities
1. SOC Platform Deployment & Engineering
Deploy, configure, and maintain SOC platforms such as SIEM, SOAR, endpoint protection, and threat intelligence systems.
Integrate SOC tools with log sources, servers, network devices, cloud platforms, and identity services.
Build and optimize log ingestion pipelines, parsers, and normalization rules.
Develop and tune correlation rules, dashboards, detections, and reporting functionalities.
2. Linux Systems Administration
Administer and secure Linux-based servers used for SOC operations.
Perform OS hardening, patching, and troubleshooting.
Manage log collection services, agents, and system monitoring tools.
Maintain authentication, permissions, and system-level controls.
3. SOC Operations Support
Collaborate with SOC analysts to enhance alert quality and detection accuracy.
Troubleshoot ingestion failures, alerting issues, and detection rule gaps.
Support incident response by providing logs, system context, and technical analysis.
4. Architecture & Integration
Design SOC platform architectures for enterprise or multi-tenant environments.
Integrate SOC systems with identity platforms, cloud workloads, endpoint protection, and network security layers.
Automate operational tasks and workflows using scripting languages.
5. Documentation & Governance
Create deployment guides, runbooks, diagrams, and technical documentation.
Ensure SOC platforms align with industry security frameworks and standards.
Required Skills & Experience
Technical Skills
Strong Linux administration skills including system security and automation.
Experience deploying and maintaining SOC platforms.
Understanding of monitoring, detection, and incident response processes.
Knowledge of network fundamentals including routing, switching, DNS, and firewalls.
Experience with scripting languages such as Bash or Python.
Understanding of threat analysis, detection engineering, and adversary behaviors.
Soft Skills
Excellent analytical and troubleshooting capabilities.
Clear communication and documentation skills.
Ability to collaborate effectively with SOC teams and stakeholders.
Experience Required
3-5 years of experience in SOC engineering, cybersecurity infrastructure, or security operations, including hands-on deployment of SOC platforms.
Preferred Certifications
Linux administration certifications.
Cybersecurity certifications related to SOC operations, detection engineering, or incident response.
Job Type: Full-time