SOC Engineer

Full-time IT & Technology

Key Responsibilities

Alert Triage & Investigation

• Monitor client security environments across SIEM, EDR, email security, and identity platforms throughout assigned shift using Microsoft Sentinel and Defender XDR dashboards.
• Acknowledge, assess, and prioritize incoming security alerts within defined SLA windows; distinguish true positives from false positives using structured triage methodology.
• Conduct end‑to‑end investigation of assigned incidents — correlating signals across log sources, mapping observed behavior to MITRE ATT&CK tactics and techniques, and determining blast radius.
• Execute containment and remediation actions per approved playbooks: host isolation, account disablement, token revocation, firewall rule deployment, and email quarantine.
• Escalate confirmed P1 security incidents to the SOC Manager with a complete investigation package — timeline, affected assets, indicators of compromise (IOCs), and re...