Job description
HexaPrime is looking for a skilled Cyber Security Engineer (SOC L2) for a resident engineer role. This position is primarily focused on collaborating with the SOC team on alert validation, triage, investigation, escalation, and closure of reported incidents once investigation is complete. The engineer will leverage SIEM, SOAR, and various security tools to support day-to-day tasks. The ideal candidate will have hands-on SOC experience and a strong technical background in incident handling and security technologies.
Job requirements
Responsibilities
- Collaborate with the SOC team for alert validation, triage, and investigation of security incidents.
- Investigate reported security incidents, collaborate with relevant stakeholders, and maintain detailed records of findings, actions taken, lessons learned, and closure.
- Perform incident response activities including containment, eradication, and recovery for confirmed security incidents.
- Manage and fine-tune SIEM, including rule creation, log source onboarding, and correlation tuning.
- Manage, develop, test, and deploy playbooks as per environment requirements in SOAR.
- Assist in vulnerability remediation efforts and configuration improvements across multiple security tools.
- Participate in weekly engineering reviews and knowledge-sharing sessions with client internal teams.
- Support compliance validation activities, ensuring system configurations meet regulatory requirements.
- Update technical documentation regularly to reflect current configurations, procedures, and incident handling processes.
- Provide on-site support during business hours, ensuring continuity of operations and immediate issue resolution.
Qualifications & Skills
- Bachelor's degree in Computer Science, Information Security, or related field.
- 4-5 years of practical experience in security operations and engineering.
- Hands-on expertise with the following technologies:
  - SIEM
  - Endpoint Protection
  - Vulnerability Management tools: Tenable / Qualys
- Experience with MITRE ATT&CK mapping, detection rule creation, and threat investigation workflows.
- Competent with Windows and Linux environments, including network and malware analysis.
- Strong incident handling and investigation skills.
- IBM QRadar Certified Specialist, GCIH, or equivalent certifications.
- Understanding of cybersecurity compliance frameworks and regulatory standards.
- Strong analytical and problem-solving skills.
- Ability to work collaboratively with cross-functional teams.
- Excellent documentation and communication skills.
Contract Details
- Employment Type: Contractual (Annual Renewal)
- Work Schedule: Full-time, Business Hours
- Location: On-site in Dubai