Operate and deliver our SOC platforms as a managed service to SME clients. Responsible for platform deployment, client onboarding, user training, ongoing operations, and ensuring optimal performance of the SOC system for client environments, with a focus on service delivery excellence and client satisfaction.
Key Responsibilities:
AI SOC Platform Deployment & Configuration
- Deploy SOC platform for new client environments
- Configure platform settings based on client requirements and network architecture
- Set up log collection agents and data sources in client infrastructure
- Customize monitoring parameters and thresholds for client-specific needs
- Integrate client's existing security tools with SOC platform
- Conduct deployment testing and validation before go-live
- Document client deployment architecture and configurations
Client Onboarding & Training
- Lead technical onboarding sessions for new clients
- Conduct platform training for client IT teams and security personnel
- Create and deliver customized training materials and user guides
- Demonstrate SOC features, dashboards, and reporting capabilities
- Train clients on alert review, incident workflows, and response procedures
- Provide hands-on workshops for platform usage and best practices
- Assess client readiness and provide post-training support
- Develop training documentation and video tutorials
Managed SOC Operations (24/7)
- Monitor SOC platform alerts and security events for all clients
- Analyze and triage alerts generated by AI detection engines
- Investigate security incidents and perform initial analysis
- Execute incident response procedures according to client SLA
- Coordinate with clients during active security incidents
- Escalate critical incidents to senior analysts or incident response team
- Document all incidents, actions taken, and resolutions
- Perform threat hunting using AI-powered analytics tools
Client Support & Service Management
- Serve as primary technical contact for assigned clients
- Respond to client inquiries via ticketing system, email, and phone
- Troubleshoot client issues related to platform usage and operations
- Provide technical guidance on security alerts and recommendations
- Manage client requests for configuration changes or customizations
- Ensure timely resolution of client issues within SLA parameters
- Conduct regular client check-ins and service review meetings
- Gather client feedback for service improvement
Reporting & Communication
- Generate and deliver scheduled security reports to clients (daily, weekly, monthly)
- Create executive summaries of security posture and incidents
- Customize reports based on client requirements
- Present findings and recommendations in client review meetings
- Communicate security trends and threat intelligence insights
- Provide metrics on platform performance and detection effectiveness
- Document lessons learned and improvement recommendations
Technical Skills:
Security Knowledge:
- Strong understanding of cyber threats, attack techniques, and TTPs
- Knowledge of MITRE ATT&CK Framework
- Log analysis and security event correlation
- Incident response procedures and methodologies
- Network protocol analysis (TCP/IP, DNS, HTTP/HTTPS)
- Endpoint security and malware analysis basics
- Understanding of vulnerability management
- Familiarity with compliance frameworks (ISO 27001, NIST, PCI DSS)
Platform & Tools:
- Experience with SIEM platforms (Splunk, QRadar, Sentinel, or similar)
- Understanding of AI/ML concepts in cybersecurity (basic level)
- Familiarity with EDR/XDR solutions
- Experience with ticketing systems (ServiceNow, Jira, Zendesk)
- Proficiency with security dashboards and reporting tools
- Basic scripting knowledge (Python, PowerShell) is an advantage
- Windows and Linux operating systems administration
Client Service Skills:
- Excellent troubleshooting and problem-solving abilities
- Experience with remote support tools
- Strong documentation skills
- Ability to explain technical concepts to non-technical audiences
- Customer service orientation and professionalism
- Time management and prioritization skills
Qualifications:
Education & Experience
- Bachelor's degree in Information Security, Computer Science, IT, or related field
- 2-4 years of experience in SOC operations, security monitoring, or cybersecurity
- Experience with SIEM platforms and security monitoring tools
- Understanding of network security, endpoint security, and common attack vectors
- Experience in customer-facing technical roles or managed services
- Strong understanding of security operations workflows and incident response
Preferred Certifications
- CompTIA Security+, CySA+
- Certified Ethical Hacker (CEH)
- GIAC Security Essentials (GSEC)
- GIAC Certified Incident Handler (GCIH)
- Certified SOC Analyst (CSA)
- ITIL Foundation (for service management)