Senior SOC Engineer

Doha - Qatar

Monthly Salary: QAR 24500 - 24500

Experience Required: 5years

Posted on: 30+ days ago

Vacancies: 1 Vacancy

Job Summary

Black & Grey HR is recruiting for an established technology solutions and services provider in Doha Qatar. Our client is seeking an experienced Senior SOC Engineer to lead advanced security monitoring threat detection and vulnerability management across enterprise IT OT and cloud environments. This role is critical in strengthening cyber resilience through proactive threat hunting incident response and continuous SOC maturity improvement within a high-availability mission-critical environment.

Key Responsibilities

Security Monitoring & Incident Response

- Investigate security incidents and provide advanced technical support for detection and response.

- Perform real-time monitoring across SIEM XDR/EDR NDR OT and cloud security platforms.

- Conduct root cause analysis (RCA) and document lessons learned.

- Coordinate containment eradication and recovery actions during incidents.

- Ensure adherence to defined SLAs and KPIs for incident handling and escalation.

Detection Engineering & Use Case Management

- Develop and tune SIEM/XDR correlation rules aligned with MITRE ATT&CK.

- Reduce false positives and enhance detection coverage.

- Implement advanced detection use cases for ransomware insider threats data exfiltration and APT activity.

- Onboard log sources develop parsers and normalize data for improved visibility.

- Continuously review and optimize detection thresholds and logic.

Vulnerability Management

- Lead the full vulnerability management lifecycle from discovery to remediation validation.

- Correlate vulnerability data with threat intelligence and exploitability context.

- Prioritize remediation based on CVSS business impact and asset criticality.

- Validate remediation effectiveness through rescans and testing support.

- Prepare executive dashboards and reports on risk exposure and remediation trends.

Threat Hunting & Intelligence Integration

- Perform proactive threat hunting using hypothesis-driven methodologies.

- Integrate threat intelligence feeds into SIEM/XDR platforms.

- Track emerging TTPs and adjust detection strategies accordingly.

- Support adversary simulation and red-team validation exercises.

- Share actionable threat intelligence insights with stakeholders.

Reporting & Stakeholder Management

- Track critical and high-risk vulnerabilities and SLA breaches.

- Provide remediation and risk trend reporting.

- Maintain audit-ready documentation and compliance evidence.

- Prepare executive-level reports on threat posture and security metrics.

Requirements

- 8 years of experience in IT security operations or information security.

- Bachelors degree in Cybersecurity Information Security Computer Science or related field.

Mandatory Certification (any one):

- Tenable Certified Nessus Professional (TCNP)

- Tenable Certified Security Center (TCSC)

- Qualys VMDR Specialist

- Qualys WAS Specialist

Preferred Certifications:

- CEH

- Microsoft SC-200

- OSCP

Required Skillset

- Hands-on experience with SIEM XDR/EDR NDR SOAR and cloud security monitoring.

- Strong knowledge of MITRE ATT&CK threat hunting and log correlation.

- Expertise in vulnerability management lifecycle and risk-based prioritization.

- Experience supporting SOC build tuning automation and maturity improvement.

- Familiarity with ISO 27001 NIST CSF and regulatory frameworks.

- Proficiency with tools such as Tenable Qualys Rapid7 Burp Suite and Acunetix.

- Experience in incident triage malware analysis basics and network traffic analysis.

- Basic scripting (PowerShell Python KQL SPL).

- Strong reporting documentation and stakeholder communication skills.

Benefits

- Competitive Salary Benefits Package

Required Skills:

Security Monitoring & Incident Response Investigate security incidents and provide advanced technical support for detection and response. Perform real-time monitoring across SIEM XDR/EDR NDR OT and cloud security platforms. Conduct root cause analysis (RCA) and document lessons learned. Coordinate containment eradication and recovery actions during incidents. Ensure adherence to defined SLAs and KPIs for incident handling and escalation. Detection Engineering & Use Case Management Develop and tune SIEM/XDR correlation rules aligned with MITRE ATT&CK. Reduce false positives and enhance detection coverage. Implement advanced detection use cases for ransomware insider threats data exfiltration and APT activity. Onboard log sources develop parsers and normalize data for improved visibility. Continuously review and optimize detection thresholds and logic. Vulnerability Management Lead the full vulnerability management lifecycle from discovery to remediation validation. Correlate vulnerability data with threat intelligence and exploitability context. Prioritize remediation based on CVSS business impact and asset criticality. Validate remediation effectiveness through rescans and testing support. Prepare executive dashboards and reports on risk exposure and remediation trends. Threat Hunting & Intelligence Integration Perform proactive threat hunting using hypothesis-driven methodologies. Integrate threat intelligence feeds into SIEM/XDR platforms. Track emerging TTPs and adjust detection strategies accordingly. Support adversary simulation and red-team validation exercises. Share actionable threat intelligence insights with stakeholders. Reporting & Stakeholder Management Track critical and high-risk vulnerabilities and SLA breaches. Provide remediation and risk trend reporting. Maintain audit-ready documentation and compliance evidence. Prepare executive-level reports on threat posture and security metrics.

Required Education:

8 years of experience in IT security operations or information security. Bachelors degree in Cybersecurity Information Security Computer Science or related field. Mandatory Certification (any one): Tenable Certified Nessus Professional (TCNP) Tenable Certified Security Center (TCSC) Qualys VMDR Specialist Qualys WAS Specialist