The SOC Engineer is responsible for monitoring, detecting, analyzing, investigating, and responding to cybersecurity threats and security incidents across the organization's IT infrastructure. The role ensures continuous protection of systems, networks, applications, and data through proactive security monitoring and incident response activities.
- Monitor security events and alerts generated by security tools such as SIEM, IDS/IPS, EDR, firewalls, and threat intelligence platforms.
- Investigate and analyze potential security incidents to determine severity, impact, and root cause.
- Respond to cybersecurity incidents and coordinate containment, eradication, and recovery activities.
- Conduct threat hunting activities to identify hidden threats and vulnerabilities.
- Develop and maintain security monitoring use cases, detection rules, and incident response procedures.
- Escalate critical security incidents to appropriate stakeholders and management.
- Prepare incident reports and post-incident reviews with recommendations for improvement.
- Support vulnerability remediation efforts by collaborating with infrastructure and application teams.
- Maintain security dashboards, logs, and monitoring systems.
- Participate in security awareness and continuous improvement initiatives.