Senior SOC Engineer
● As a Senior SOC Engineer in the Cyber Defense Operations Center (CDOC), you will work in the Detection and Response Engineering team with a focus on XDR, SIEM and SOAR technologies. You will be responsible for helping the SOC Specialists integrate log sources and for reviewing and developing use cases and response playbooks.
● This role requires in-depth knowledge of custom parsing, Python scripting, regex, API integration and playbook creation; experienced software developers and candidates from similar hands-on roles are therefore also welcome to apply.
Qualifications:
● Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
● 4-7 years of total experience in SecOps/DevOps, in a large multi-national organization or in a known MSSP. In addition, the candidate should possess at least 3 years of working experience in automation, integration and custom parser creation for SecOps/DevOps tools such as SIEM, SOAR or ITSM tools.
● Lateral joiners from other hands-on information technology roles are highly welcome to apply!
Experience:
● Design and build custom parsers for diverse log formats, threat feeds, and telemetry sources.
● Develop integration guides for connecting security tools with external systems (e.g., cloud platforms, identity providers, ticketing systems).
● Write technical documentation for parser configuration, schema mapping, normalization, and enrichment workflows.
● Test and validate parser outputs to ensure accurate data extraction and ingestion.
● Continuously improve SIEM/SOAR/XDR alert use cases and detection logic.
● Create tutorials and walkthroughs for parser development using Python, regex, and AI prompts.
● Collaborate with the overall Cyber Defense team to capture use cases, edge cases, and operational needs.
● Maintain integration documentation for REST APIs, webhooks, and SDKs across security platforms.
Technical & Soft Skills:
● Proven experience in technical writing and content creation for security products.
● Hands-on expertise in log parsing, data normalization, and custom parser development.
● Proficient with SIEM platforms, log formats (JSON, Syslog, XML), parsing tools (regex, Logstash) and AI prompting.
● Skilled in REST APIs, JSON schemas, and integration workflows.
● Familiar with cloud-native security tools (AWS GuardDuty, Azure Sentinel, Google Chronicle).
● Competent in using Git, Markdown, and documentation platforms (e.g., Confluence, DITA).
● Strong ability to translate complex technical concepts into clear, actionable content.
● Experienced in producing executive summaries and detailed technical SOPs.
● Effective team collaborator with strong communication skills.