Company hidden
updated 11 hours ago

Lead SOC Engineer (NDR and VM)

Work format
onsite
Job type
fulltime
Grade
lead
English
b2

Job description


TL;DR

Lead SOC Engineer (NDR & VM): Enhancing threat detection and response capabilities through NDR technologies and driving a robust vulnerability management program, with an emphasis on analysing network telemetry and behavioral patterns to identify threats. Focus on proactive threat hunting and improving detection capabilities.

What you will do

  • Architect and manage NDR solutions to monitor network traffic and detect malicious activity.
  • Lead end-to-end vulnerability management lifecycle, from scanning to remediation.
  • Assist in investigation and response to security incidents, leveraging NDR and vulnerability data.
  • Contribute to SOC architecture strategy and implementation initiatives.
  • Stay updated with emerging threats, vulnerabilities, and security technologies.

Requirements

  • A minimum of 8 years of experience in SOC operations, with significant experience in NDR and Vulnerability Management.
  • Proven expertise in NDR platforms (e.g., Corelight, ExtraHop, Vectra AI, Darktrace) and vulnerability management tools (e.g., Qualys, Tenable, and Rapid7).
  • Strong understanding of TCP/IP, DNS, HTTP/S, and other network protocols.
  • Experience with SIEM (Splunk, Sentinel), SOAR, and endpoint protection platforms.
  • Hands-on experience with writing and tuning detection signatures, including Suricata and Snort.
  • Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field.

Nice to have

  • Certified Information Systems Security Professional (CISSP), OSCP, or GIAC is desirable.
  • Networking certifications such as CCNA or CCNP are advantageous.
  • Vendor certifications for NDR products.
