Senior Cyber Security Engineer with Security Clearance

*Senior Security Engineer* We are searching for a SOC Engineer who will be responsible for monitoring, reporting, and resolving escalating events. Utilizing SOAR (security orchestration, automation, and response) technology to protect the client from attacks. The primary function of this position is to manage and monitor the analytic tools and perform alert management and incident identification and resolution *Responsibilities and Duties:* - Acknowledge, analyze and validate incidents triggered from correlated events through SIEM solution- Perform Cyber Threat Hunting- Understand and perform detailed Incident Response- Engineer solutions for support efficiency- Acknowledge, analyze, and validate incidents received through other reporting mechanisms such as email, phone calls, management directions, etc.- Collection of necessary logs that could help in the incident containment and security investigation- Escalate validated and confirmed incidents to SOC Analyst- Undertake first stages of false positive and false negative analysis- Understand the structure and the meaning of logs from different log sources such as FW, IDS, Windows DC, Cisco appliances, AV and antimalware software, email security etc.- Understand the subject of Carbon Black alarms, CrowdStrike alarms- Deep understanding of SPLUNK, how to configure and manage and create detailed reports- Open incidents (ITSM Platform) to report the alarms triggered or threats detected. Analyst should properly include for each incident on all details related to the logs, alarms and other indicators identified in accordance with the intervention protocol of each client and the SLA.- Track and update incidents and requests based on client''s updates and analysis results- Properly log client requests and change requests- Report infrastructure issues to the support team.- Report false positive alarms from Carbon Black and CrowdStrike- Generate weekly reports from tools management- Other duties related to the position *General Knowledge/Experience* - Knowledge and hands-on experience in management of IDS/IPS, Firewall, VPN, and other security products- Experience in Security Information Event Management (SIEM) tools, creation of basic co-relation rules, and administration of SIEM- Should have expertise on TCP/IP network traffic and event log analysis- Knowledge and hands-on experience in CrowdStrike, Splunk, Nessus, Carbon Black- Knowledge of ITIL disciplines such as Incident, Problem and Change Management *Basic Qualifications:* - 10+ years in the Security Operations field- 5-8 years as an engineering resource- At least 5 years as a help desk analyst- Must have 1 of the following certifications: CEH OR CISSP- Bachelor of Science in an Engineering Discipline

Created: 2026-03-07