Senior SOC Engineer

Bakı

Proxima Tech Solutions

Vacancy details

Vacancy description

SIEM & XDR & SOAR Engineering

  • Deploy, configure, and maintain SIEM and SOAR platforms.
  • Integrate and manage XDR/EDR solutions.
  • Ensure full and accurate log collection from endpoints, servers, firewalls, cloud, and third-party systems.
  • Develop and manage custom parsers and data normalization logic.

Detection Rule Deployment & Optimization

  • Implement detection and correlation rules developed by Detection Engineers.
  • Tune rules to reduce false positives and improve detection quality.
  • Ensure detection alignment with the MITRE ATT&CK framework.


Platform Health & Performance

  • Monitor and manage ingestion rates, correlation engine performance, and log storage.
  • Conduct patching, upgrades, and performance tuning of SOC tools.
  • Ensure high availability and disaster recovery readiness.


Integration & Automation

  • Integrate SIEM/XDR platforms with SOAR and ticketing systems.
  • Support playbook development and event enrichment automation.


Log Onboarding & Source Management

  • Onboard new log sources, validate log quality, and troubleshoot issues.
  • Work closely with client IT/security teams during onboarding and expansion phases.


Incident Response Support

  • Provide technical escalation support for major incidents.
  • Assist SOC analysts and threat hunters with investigation tools, log correlation, and root cause analysis (RCA).


Documentation & SOPs

  • Create and maintain system diagrams, engineering runbooks, onboarding procedures, and configuration records.
  • Maintain compliance with internal and external audit standards.


Mentorship & Knowledge Sharing

  • Guide and mentor junior SOC engineers and analysts.
  • Contribute to the SOC knowledge base and support team skill development.

Specific requirements

  • Bachelor's degree in Computer Science, Information Security, or related field.
  • 3+ years of experience in a SOC, cybersecurity engineering, or SIEM/XDR-focused role.
  • Hands-on experience with SIEM, SOAR and strong understanding of EDR/XDR solutions.
  • Proficiency in Syslog, Windows Event Logs, NetFlow, firewall logs.
  • Experience with scripting (Python, PowerShell, Bash).
  • Familiarity with SOAR platforms and ticketing integration.

To apply: [email protected]
