Senior SOC Engineer

    Top Employer Germany 2026, Top Employer Europe 2026, Fair Company 2026
Professionals

Key Facts

  • Professionals
  • Information Technology
  • Full time
  • Pune, Maharashtra, India

Job Description

●As a Senior SOC Engineer in the Cyber Defense Operations Center (CDOC), you will work in the Detection and Response Engineering team with a focus on XDR, SIEM and SOAR technologies. You’ll be responsible for helping the SOC Specialist integrate log sources and review and develop use cases and response playbooks.

●This role requires in-depth knowledge of custom parsing, Python scripting, regex, API integration and playbook creation, so experienced software developers and candidates from similar hands-on roles are also welcome to apply.

Qualifications

●Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.

●4-7 years of total experience in SecOps/DevOps in a large multinational organization or a known MSSP. In addition, candidates should possess at least 3 years of working experience in automation, integration and custom parser creation for SecOps/DevOps tools such as SIEM, SOAR or ITSM tools.

●Lateral joiners from other hands-on information technology roles are highly welcome to apply!

Experience 

●Design and build custom parsers for diverse log formats, threat feeds, and telemetry sources.

●Develop integration guides for connecting security tools with external systems (e.g., cloud platforms, identity providers, ticketing systems).

●Write technical documentation for parser configuration, schema mapping, normalization, and enrichment workflows.

●Test and validate parser outputs to ensure accurate data extraction and ingestion.

●Continuously improve SIEM/SOAR/XDR alert use cases and detection logic.

●Create tutorials and walkthroughs for parser development using Python, Regex, and AI prompts.

●Collaborate with the overall Cyber Defense team to capture use cases, edge cases, and operational needs.

●Maintain integration documentation for REST APIs, webhooks, and SDKs across security platforms.

Technical & Soft Skills:

●Proven experience in technical writing and content creation for security products.

●Hands-on expertise in log parsing, data normalization, and custom parser development.

●Proficient with SIEM platforms, log formats (JSON, Syslog, XML), parsing tools (Regex, Logstash) and AI prompting.

●Skilled in REST APIs, JSON schemas, and integration workflows.

●Familiar with cloud-native security tools (AWS GuardDuty, Azure Sentinel, Google Chronicle).

●Competent in using Git, Markdown, and documentation platforms (e.g., Confluence, DITA).

●Strong ability to translate complex technical concepts into clear, actionable content.

●Experienced in producing executive summaries and detailed technical SOPs.

●Effective team collaborator with strong communication skills.

Benefits

Pension schemes

Compensation & Recognition of Contribution

Working hours

Work Flexibility & Support Life Balance

Work-life balance

Health & Wellbeing

Career planning

Global Exposure & Cross‑Border Collaboration

Learning and development

Learning, Skills & Career Progression

Commute

Leadership & Talent Development

Employee discount

Innovation, Ideas & Recognition

Family friendly

Culture, Community & Inclusion

Engagement & Shared Experiences

Contact

METRO
People & Culture
METRO Global Solution Center India