Active Jobs with Black & Grey HR
SOC Engineer
Job description
Black & Grey HR is recruiting for an established technology solutions and services provider in Doha, Qatar. Our client is seeking a SOC Engineer to strengthen its Security Operations Center (SOC) by monitoring, detecting, investigating, and responding to cybersecurity incidents across enterprise IT environments. This role is ideal for professionals with hands-on SOC experience who are passionate about threat detection, incident response, and maintaining a strong organizational security posture.

Key Responsibilities

Security Monitoring & Incident Detection
- Monitor security alerts generated from SIEM, XDR, EDR, NDR, IDS/IPS, firewalls, and cloud security platforms.
- Identify, validate, triage, and prioritize security incidents based on severity, impact, and business risk.
- Continuously monitor security events to detect malicious activities and potential threats.

Incident Response & Threat Investigation
- Investigate security incidents and perform root cause analysis.
- Analyze malware, attack techniques, and suspicious activities to determine impact and remediation actions.
- Coordinate containment, eradication, and recovery activities with internal teams.
- Escalate high-severity incidents following established incident response procedures.

Threat Hunting & Detection Engineering
- Perform proactive threat hunting activities using scheduled queries and threat intelligence.
- Monitor threat hunting dashboards and validate suspicious indicators of compromise.
- Identify emerging attack patterns and recommend improvements to detection capabilities.

Vulnerability Management & Security Operations
- Review vulnerability assessment results and monitor remediation progress.
- Validate patch implementation and ensure timely closure of remediation activities.
- Support day-to-day security operations and ensure compliance with operational procedures.

Reporting & Operational Excellence
- Maintain accurate incident records, investigation notes, and ticket updates.
- Prepare daily operational reports, shift handover documentation, and incident summaries.
- Ensure compliance with defined SLAs and operational performance metrics.
- Contribute to continuous improvement of SOC processes and security operations.

Requirements
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field.
- 1–4 years of hands-on experience working in a Security Operations Center (SOC).
- Experience monitoring SIEM, EDR/XDR, IDS/IPS, firewalls, email security, and cloud security platforms.
- Good understanding of incident triage, security event classification, escalation procedures, and ticket management.
- Strong understanding of networking fundamentals including TCP/IP, DNS, HTTP/HTTPS, VPN, routing, switching, and common network protocols.
- Experience working with Windows and Linux operating systems, endpoint security, and system log analysis.
- Knowledge of common cyber threats including phishing, ransomware, malware, brute force attacks, web attacks, and insider threats.
- Preferred certifications:
  o CompTIA Security+
  o CompTIA CySA+
  o EC-Council Certified Network Defender (CND)
  o Cisco CyberOps Associate
  o Microsoft SC-200
- Additional certifications such as CHFI or DFIR Foundations will be an advantage.

Required Skillset
- Security Information & Event Management (SIEM) monitoring and alert analysis.
- Endpoint Detection & Response (EDR/XDR) and Network Detection & Response (NDR).
- Incident detection, triage, investigation, and response.
- Threat hunting and threat intelligence analysis.
- Vulnerability management and remediation tracking.
- Log analysis across endpoints, servers, firewalls, proxies, Active Directory, cloud platforms, and security appliances.
- Basic scripting skills using PowerShell, Python, or Bash for automation and log analysis.
- Strong documentation, communication, and incident reporting skills.
- Ability to work in a 24×7 SOC environment and collaborate effectively during security incidents.

Benefits
- Competitive Salary + Benefits Package