We are seeking a Tier 3 SOC Engineer with deep cybersecurity expertise to serve as the final escalation point for complex incidents and advanced threat scenarios. You will oversee SOC processes, mentor Tier 1/Tier 2 staff, optimize SIEM and PAM solutions, and deliver in-depth reporting and ROI insights to stakeholders.
Key Responsibilities
Advanced Incident Management & Analysis
Lead high-severity incident investigations, perform root-cause analysis, and compile in-depth incident reports for internal and external stakeholders.
Handle custom alert-source integrations, case aggregations, and SLA optimization in SOC processes.
SOC Strategy & Process Ownership
Define, implement, and optimize SOC processes, ensuring alignment with industry best practices and compliance standards.
Provide technical leadership to Tier 1 and Tier 2 teams, training them on incident management, threat detection, and response workflows.
Present ROI findings and performance metrics to customers and executive teams on a weekly/monthly basis.
SIEM & SOAR Enhancement
Develop custom Flex connectors, manage SIEM upgrades, and build advanced correlation rules for threat detection.
Implement EPS optimization strategies to ensure optimal system performance.
Create and refine Playbooks in OpenText SOAR for automated response and improved incident handling.
Privileged Access Management (PAM)
Demonstrate expert knowledge of NetIQ PAM architecture and strategies, with experience in PAM implementation.
Design session control frameworks and PAM strategy for large-scale enterprise environments.
Integrate PAM with existing security ecosystems, ensuring privileged identity governance, compliance, and system performance optimization.
Scripting & Automation
Leverage Regex and Python scripting (including API integrations) to automate repetitive tasks, enhance detection capabilities, and integrate with other security tools.
Develop custom scripts for data enrichment, correlation, and automation solutions, streamlining SOC operations.
OpenText Security Tools
Utilize OpenText SIEM, OpenText SOAR, IDAM, BasicSOC, and OpenText PAM for comprehensive threat detection and privilege management.
Continuously fine-tune and enhance these platforms to meet evolving threat landscapes and compliance requirements.
Required Skills
8+ years of SOC or cybersecurity experience, with a track record of leading incident response and security architecture projects.
Root-cause analysis and advanced log analysis skills for complex threat scenarios.
Strong troubleshooting techniques; able to debug and resolve multi-layered issues.
CISA certification (mandatory).
Python (or other scripting languages) and API knowledge for automation.
Expert knowledge of NetIQ PAM, including session control frameworks, performance optimization, and privileged identity governance.
Additional Qualities
Solid understanding of cybersecurity attacks, compliance frameworks, and best practices.
Team leadership capabilities for mentoring junior analysts and cross-training on emerging threats.
Customer-handling skills; able to communicate effectively with diverse stakeholders and present complex data clearly.
How to Apply
Please submit your CV and a brief cover letter to shreyag@aeroqube.com. Use “Tier 3 SOC Engineer – [Preferred Location]” in the subject line. We look forward to hearing about your advanced SOC expertise and leadership experience.