SOC / Incident Response Engineer
The SOC / Incident Response Engineer supports enterprise security monitoring, incident response, and threat detection across a hybrid IT environment, including on-premises infrastructure and cloud services. This role provides advanced security analysis, threat hunting, and detection engineering to strengthen organizational cybersecurity operations and continuous monitoring capabilities.
Key Responsibilities
- Execute incident response processes in accordance with established incident response plans, standard operating procedures (SOPs), playbooks, and analyst workflows.
- Develop and maintain incident response SOPs, playbooks, workflows, and operational guidelines aligned with industry best practices and recognized cybersecurity frameworks.
- Implement and integrate new incident response and threat intelligence capabilities with existing security tools and the organization's cybersecurity ecosystem.
- Monitor cloud-based Web Application Firewall (WAF) solutions to protect web applications from vulnerabilities, bot attacks, API abuse, and application-layer Distributed Denial of Service (DDoS) attacks.
- Recommend and implement improvements to incident response policies, procedures, and operational processes.
- Research emerging incident response technologies, evaluate security tools, and recommend enhancements to improve incident response capabilities.