Black & Grey HR is recruiting for an established technology solutions and services provider in Doha Qatar. Our client is seeking a SOC Engineer to strengthen its Security Operations Center (SOC) by monitoring detecting investigating and responding to cybersecurity incidents across enterprise IT environments. This role is ideal for professionals with hands-on SOC experience who are passionate about threat detection incident response and maintaining a strong organizational security posture.
Key Responsibilities
Security Monitoring & Incident Detection
- Monitor security alerts generated from SIEM XDR EDR NDR IDS/IPS firewalls and cloud security platforms.
- Identify validate triage and prioritize security incidents based on severity impact and business risk.
- Continuously monitor security events to detect malicious activities and potential threats.
Incident Response & Threat Investigation
- Investigate security incidents and perform root cause analysis.
- Analyze malware attack techniques and suspicious activities to determine impact and remediation actions.
- Coordinate containment eradication and recovery activities with internal teams.
- Escalate high-severity incidents following established incident response procedures.
Threat Hunting & Detection Engineering
- Perform proactive threat hunting activities using scheduled queries and threat intelligence.
- Monitor threat hunting dashboards and validate suspicious indicators of compromise.
- Identify emerging attack patterns and recommend improvements to detection capabilities.
Vulnerability Management & Security Operations
- Review vulnerability assessment results and monitor remediation progress.
- Validate patch implementation and ensure timely closure of remediation activities.
- Support day-to-day security operations and ensure compliance with operational procedures.
Reporting & Operational Excellence
- Maintain accurate incident records investigation notes and ticket updates.
- Prepare daily operational reports shift handover documentation and incident summaries.
- Ensure compliance with defined SLAs and operational performance metrics.
- Contribute to continuous improvement of SOC processes and security operations.
Requirements
- Bachelors degree in Cybersecurity Information Technology Computer Science or a related field.
- 14 years of hands-on experience working in a Security Operations Center (SOC).
- Experience monitoring SIEM EDR/XDR IDS/IPS firewalls email security and cloud security platforms.
- Good understanding of incident triage security event classification escalation procedures and ticket management.
- Strong understanding of networking fundamentals including TCP/IP DNS HTTP/HTTPS VPN routing switching and common network protocols.
- Experience working with Windows and Linux operating systems endpoint security and system log analysis.
- Knowledge of common cyber threats including phishing ransomware malware brute force attacks web attacks and insider threats.
- Preferred certifications:
o CompTIA Security
o CompTIA CySA
o EC-Council Certified Network Defender (CND)
o Cisco CyberOps Associate
o Microsoft SC-200
- Additional certifications such as CHFI or DFIR Foundations will be an advantage.
Required Skillset
- Security Information & Event Management (SIEM) monitoring and alert analysis.
- Endpoint Detection & Response (EDR/XDR) and Network Detection & Response (NDR).
- Incident detection triage investigation and response.
- Threat hunting and threat intelligence analysis.
- Vulnerability management and remediation tracking.
- Log analysis across endpoints servers firewalls proxies Active Directory cloud platforms and security appliances.
- Basic scripting skills using PowerShell Python or Bash for automation and log analysis.
- Strong documentation communication and incident reporting skills.
- Ability to work in a 247 SOC environment and collaborate effectively during security incidents.
Benefits
- Competitive Salary Benefits Package
Required Skills:
Security Information & Event Management (SIEM) monitoring and alert analysis. Endpoint Detection & Response (EDR/XDR) and Network Detection & Response (NDR). Incident detection triage investigation and response. Threat hunting and threat intelligence analysis. Vulnerability management and remediation tracking. Log analysis across endpoints servers firewalls proxies Active Directory cloud platforms and security appliances. Basic scripting skills using PowerShell Python or Bash for automation and log analysis. Strong documentation communication and incident reporting skills. Ability to work in a 247 SOC environment and collaborate effectively during security incidents.
Required Education:
Bachelors degree in Cybersecurity Information Technology Computer Science or a related field.14 years of hands-on experience working in a Security Operations Center (SOC). Experience monitoring SIEM EDR/XDR IDS/IPS firewalls email security and cloud security platforms.
Black & Grey HR is recruiting for an established technology solutions and services provider in Doha Qatar. Our client is seeking a SOC Engineer to strengthen its Security Operations Center (SOC) by monitoring detecting investigating and responding to cybersecurity incidents across enterprise IT envi...
Black & Grey HR is recruiting for an established technology solutions and services provider in Doha Qatar. Our client is seeking a SOC Engineer to strengthen its Security Operations Center (SOC) by monitoring detecting investigating and responding to cybersecurity incidents across enterprise IT environments. This role is ideal for professionals with hands-on SOC experience who are passionate about threat detection incident response and maintaining a strong organizational security posture.
Key Responsibilities
Security Monitoring & Incident Detection
- Monitor security alerts generated from SIEM XDR EDR NDR IDS/IPS firewalls and cloud security platforms.
- Identify validate triage and prioritize security incidents based on severity impact and business risk.
- Continuously monitor security events to detect malicious activities and potential threats.
Incident Response & Threat Investigation
- Investigate security incidents and perform root cause analysis.
- Analyze malware attack techniques and suspicious activities to determine impact and remediation actions.
- Coordinate containment eradication and recovery activities with internal teams.
- Escalate high-severity incidents following established incident response procedures.
Threat Hunting & Detection Engineering
- Perform proactive threat hunting activities using scheduled queries and threat intelligence.
- Monitor threat hunting dashboards and validate suspicious indicators of compromise.
- Identify emerging attack patterns and recommend improvements to detection capabilities.
Vulnerability Management & Security Operations
- Review vulnerability assessment results and monitor remediation progress.
- Validate patch implementation and ensure timely closure of remediation activities.
- Support day-to-day security operations and ensure compliance with operational procedures.
Reporting & Operational Excellence
- Maintain accurate incident records investigation notes and ticket updates.
- Prepare daily operational reports shift handover documentation and incident summaries.
- Ensure compliance with defined SLAs and operational performance metrics.
- Contribute to continuous improvement of SOC processes and security operations.
Requirements
- Bachelors degree in Cybersecurity Information Technology Computer Science or a related field.
- 14 years of hands-on experience working in a Security Operations Center (SOC).
- Experience monitoring SIEM EDR/XDR IDS/IPS firewalls email security and cloud security platforms.
- Good understanding of incident triage security event classification escalation procedures and ticket management.
- Strong understanding of networking fundamentals including TCP/IP DNS HTTP/HTTPS VPN routing switching and common network protocols.
- Experience working with Windows and Linux operating systems endpoint security and system log analysis.
- Knowledge of common cyber threats including phishing ransomware malware brute force attacks web attacks and insider threats.
- Preferred certifications:
o CompTIA Security
o CompTIA CySA
o EC-Council Certified Network Defender (CND)
o Cisco CyberOps Associate
o Microsoft SC-200
- Additional certifications such as CHFI or DFIR Foundations will be an advantage.
Required Skillset
- Security Information & Event Management (SIEM) monitoring and alert analysis.
- Endpoint Detection & Response (EDR/XDR) and Network Detection & Response (NDR).
- Incident detection triage investigation and response.
- Threat hunting and threat intelligence analysis.
- Vulnerability management and remediation tracking.
- Log analysis across endpoints servers firewalls proxies Active Directory cloud platforms and security appliances.
- Basic scripting skills using PowerShell Python or Bash for automation and log analysis.
- Strong documentation communication and incident reporting skills.
- Ability to work in a 247 SOC environment and collaborate effectively during security incidents.
Benefits
- Competitive Salary Benefits Package
Required Skills:
Security Information & Event Management (SIEM) monitoring and alert analysis. Endpoint Detection & Response (EDR/XDR) and Network Detection & Response (NDR). Incident detection triage investigation and response. Threat hunting and threat intelligence analysis. Vulnerability management and remediation tracking. Log analysis across endpoints servers firewalls proxies Active Directory cloud platforms and security appliances. Basic scripting skills using PowerShell Python or Bash for automation and log analysis. Strong documentation communication and incident reporting skills. Ability to work in a 247 SOC environment and collaborate effectively during security incidents.
Required Education:
Bachelors degree in Cybersecurity Information Technology Computer Science or a related field.14 years of hands-on experience working in a Security Operations Center (SOC). Experience monitoring SIEM EDR/XDR IDS/IPS firewalls email security and cloud security platforms.