Job Description
SOC Strategy & Optimization
- Assess and improve SOC operations, processes, workflows, and coverage.
- Define and enhance incident response procedures and playbooks.
- Conduct SOC maturity assessments and recommend improvements.
Threat Detection & Response
- Oversee and support analysis of complex security incidents and escalations.
- Develop, tune, and optimize SIEM detection use cases and correlation rules.
- Lead threat hunting initiatives and guide junior analysts.
Advisory & Client Engagement
- Work with stakeholders to align SOC services with business and regulatory requirements.
- Provide recommendations for compliance with standards such as NIST CSF, ISO 27001, GDPR, and local regulations.
- Conduct comprehensive MITRE ATT&CK based assessments to evaluate the organization's security posture against known adversary tactics, techniques, and procedures (TTPs).
- Map detection and response capabilities to the MITRE ATT&CK framework, identify gaps, and recommend enhancements.
- Perform detailed compromise assessments to identify indicators of compromise (IOCs), suspicious behaviors, and evidence of potential or active breaches.
- Utilize endpoint detection, log analysis, threat intelligence, and forensics tools to support compromise investigations.
- Develop assessment reports, remediation plans, and executive summaries based on findings.
- Collaborate with SOC, threat intelligence, and incident response teams to strengthen detection and response processes.
- Present technical findings to both technical and non-technical audiences.
SIEM/SOAR Implementation & Enhancement
- Design and enhance SIEM/SOAR architecture and rule sets (e.g., Splunk, QRadar, Sentinel, ArcSight).
- Recommend log source onboarding and log normalization best practices.
- Automate response workflows to improve SOC efficiency.
Team Mentoring & Knowledge Transfer
- Provide guidance, training, and mentorship to SOC Level 1 and Level 2 analysts.
- Lead tabletop exercises and post-incident reviews.
- Develop internal documentation and knowledge base content.
Job Requirements
Education & Experience
- Bachelor’s degree in Computer Science, Cybersecurity, Information Systems, or related field.
- At least 4 years of experience in a SOC environment.
- Proven experience in incident response, threat detection, and SOC consulting.
Technical Skills
- Strong knowledge of SIEM tools (Splunk, Sentinel, QRadar, etc.).
- Familiarity with SOAR platforms (e.g., Palo Alto XSOAR, IBM Resilient).
- Deep understanding of cyber threats, TTPs, and frameworks such as:
  - MITRE ATT&CK
  - Cyber Kill Chain
  - CIS Controls
  - NIST SP 800-61 / SP 800-53
- Proficiency in scripting and automation (Python, PowerShell, Bash, etc.) is a plus.
Certifications (Preferred but not mandatory)
- GIAC (GCIA, GCIH, GCFA, GCED)
- CISSP / CISM
- CEH / ECSA
- ISO 27001 LA or NIST-based certifications
Soft Skills
- Excellent communication and report writing skills.
- Ability to lead and influence security teams and stakeholders.
- Strong analytical and critical thinking abilities.
- Client-facing and consultative mindset.
Key Deliverables (if Consultant Role):
- SOC maturity gap assessment reports.
- SIEM rule tuning and detection engineering documentation.
- Incident response plans and playbooks.
- MITRE ATT&CK assessments.
- Compromise assessments.
- Configuration hardening documents.