Senior SOC Engineer

Job Description

Black & Grey HR is recruiting for an established technology solutions and services provider in Doha, Qatar. Our client is seeking an experienced Senior SOC Engineer to lead advanced security monitoring, threat detection, and vulnerability management across enterprise IT, OT, and cloud environments. This role is critical in strengthening cyber resilience through proactive threat hunting, incident response, and continuous SOC maturity improvement within a high-availability, mission-critical environment.

Key Responsibilities

Security Monitoring & Incident Response

- Investigate security incidents and provide advanced technical support for detection and response.

- Perform real-time monitoring across SIEM, XDR/EDR, NDR, OT, and cloud security platforms.

- Conduct root cause analysis (RCA) and document lessons learned.

- Coordinate containment, eradication, and recovery actions during incidents.

- Ensure adherence to defined SLAs and KPIs for incident handling and escalation.

Detection Engineering & Use Case Management

- Develop and tune SIEM/XDR correlation rules aligned with MITRE ATT&CK.

- Reduce false positives and enhance detection coverage.

- Implement advanced detection use cases for ransomware, insider threats, data exfiltration, and APT activity.

- Onboard log sources, develop parsers, and normalize data for improved visibility.

- Continuously review and optimize detection thresholds and logic.

Vulnerability Management

- Lead the full vulnerability management lifecycle from discovery to remediation validation.

- Correlate vulnerability data with threat intelligence and exploitability context.

- Prioritize remediation based on CVSS, business impact, and asset criticality.

- Validate remediation effectiveness through rescans and testing support.

- Prepare executive dashboards and reports on risk exposure and remediation trends.

Threat Hunting & Intelligence Integration

- Perform proactive threat hunting using hypothesis-driven methodologies.

- Integrate threat intelligence feeds into SIEM/XDR platforms.

- Track emerging TTPs and adjust detection strategies accordingly.

- Support adversary simulation and red-team validation exercises.

- Share actionable threat intelligence insights with stakeholders.

Reporting & Stakeholder Management

- Track critical and high-risk vulnerabilities and SLA breaches.

- Provide remediation and risk trend reporting.

- Maintain audit-ready documentation and compliance evidence.

- Prepare executive-level reports on threat posture and security metrics.

Requirements- 8+ years of experience in IT security operations or information security.

- Bachelor’s degree in Cybersecurity, Information Security, Computer Science, or related field.

Mandatory Certification (any one):

- Tenable Certified Nessus Professional (TCNP)

- Tenable Certified Security Center (TCSC)

- Qualys VMDR Specialist

- Qualys WAS Specialist

Preferred Certifications:

- CEH

- Microsoft SC-200

- OSCP

Required Skillset

- Hands-on experience with SIEM, XDR/EDR, NDR, SOAR, and cloud security monitoring.

- Strong knowledge of MITRE ATT&CK, threat hunting, and log correlation.

- Expertise in vulnerability management lifecycle and risk-based prioritization.

- Experience supporting SOC build, tuning, automation, and maturity improvement.

- Familiarity with ISO 27001, NIST CSF, and regulatory frameworks.

- Proficiency with tools such as Tenable, Qualys, Rapid7, Burp Suite, and Acunetix.

- Experience in incident triage, malware analysis basics, and network traffic analysis.

- Basic scripting (PowerShell, Python, KQL, SPL).

- Strong reporting, documentation, and stakeholder communication skills.

Benefits- Competitive Salary + Benefits Package