with deep cybersecurity expertise to serve as the final escalation point for complex incidents and advanced threat scenarios. You will oversee SOC processes, mentor Tier 1/Tier 2 staff, optimize SIEM and PAM solutions, and deliver in-depth reporting and ROI insights to stakeholders.
Key Responsibilities
Advanced Incident Management & Analysis
Lead high-severity incident investigations, perform root-cause analysis, and compile in-depth incident reports for internal and external stakeholders.
Handle custom alert-source integrations, case aggregations, and SLA optimization in SOC processes.
SOC Strategy & Process Ownership
Define, implement, and optimize SOC processes, ensuring alignment with industry best practices and compliance standards.
Provide technical leadership to Tier 1 and Tier 2 teams, training them on incident management, threat detection, and response workflows.
Present ROI findings and performance metrics to customers and executive teams on a weekly/monthly basis.
SIEM & SOAR Enhancement
Develop custom Flex connectors, manage SIEM upgrades, and create advanced rules for threat detection.
Implement EPS optimization strategies to ensure optimal system performance.
Create and refine Playbooks in OpenText SOAR for automated response and improved incident handling.
Privileged Access Management (PAM)
Demonstrate expert knowledge of NetIQ PAM architecture and strategies, with experience in PAM implementation.
Design session control frameworks and PAM strategy for large-scale enterprise environments.
Integrate PAM with existing security ecosystems, ensuring privileged identity governance, compliance, and system performance optimization.
Scripting & Automation
Leverage Regex and Python scripting (including API integrations) to automate repetitive tasks, enhance detection capabilities, and integrate with other security tools.
Develop custom scripts for data enrichment, correlation, and automation solutions, streamlining SOC operations.
OpenText Security Tools
Utilize OpenText SIEM, OpenText SOAR, IDAM, BasicSOC, and OpenText PAM for comprehensive threat detection and privilege management.
Continuously fine-tune and enhance these platforms to meet evolving threat landscapes and compliance requirements.
Required Skills
8+ years of SOC or cybersecurity experience, with a track record of leading incident response and security architecture projects.
Root-cause analysis and advanced log analysis skills for complex threat scenarios.
Strong troubleshooting techniques; able to debug and resolve multi-layered issues.
CISA certification (mandatory).
Python (or other scripting languages) and API knowledge for automation.
Expert knowledge of NetIQ PAM, including session control frameworks, performance optimization, and privileged identity governance.
Additional Qualities
Solid understanding of cybersecurity attacks, compliance frameworks, and best practices.
Team leadership capabilities for mentoring junior analysts and cross-training on emerging threats.
Customer handling skills, able to communicate effectively with diverse stakeholders and present complex data in a clear manner.
How to Apply
Please submit your CV and a brief cover letter to shreyag@aeroqube.com. Use "Tier 3 SOC Engineer - [Preferred Location]" in the subject line. We look forward to hearing about your advanced SOC expertise and leadership experience.