SOC Engineer (Blue Team)

As a SOC Engineer (Blue Team) at Aetherium Breach, you will be a critical member of our security operations team, responsible for monitoring, analyzing, and responding to security events and incidents. You will play a key role in maintaining the integrity and confidentiality of our clients' information systems by proactively identifying and mitigating potential threats.

Responsibilities:

• Security Monitoring and Analysis:
  • Monitor security information and event management (SIEM) systems, intrusion detection/prevention systems (IDS/IPS), and other security tools for suspicious activity.  
  • Analyze security logs, network traffic, and system data to identify potential security incidents.
  • Correlate security events to determine the scope and impact of incidents.
• Incident Response:
  • Respond to security incidents according to established procedures and service level agreements (SLAs).
  • Investigate and contain security incidents, including malware outbreaks, unauthorized access, and data breaches.
  • Document incident details, including timelines, affected systems, and remediation steps.
  • Communicate incident status and updates to stakeholders.
• Vulnerability Management:
  • Conduct vulnerability scans and assessments to identify security weaknesses.
  • Recommend and implement security patches and configurations to mitigate vulnerabilities.
  • Stay up-to-date on the latest security threats and vulnerabilities.
• Security Tool Management:
  • Maintain and configure security tools and systems, including SIEM, IDS/IPS, and endpoint detection and response (EDR) solutions.
  • Develop and maintain security dashboards and reports.
  • Automate security tasks and processes.
• Collaboration and Communication:
  • Collaborate with other SOC team members, security engineers, and incident responders.
  • Communicate security alerts and incident updates to clients and internal stakeholders.
  • Participate in security training and awareness programs.

Qualifications:

• Bachelor's degree in computer science, cybersecurity, or a related field (or equivalent experience).
• Strong understanding of networking protocols, operating systems, and security principles.
• Experience with SIEM tools (e.g., Splunk, QRadar, Elastic Security).
• Experience with IDS/IPS systems (e.g., Snort, Suricata).
• Experience with vulnerability scanning tools (e.g., Nessus, OpenVAS).
• Knowledge of common security threats and vulnerabilities.
• Strong analytical and problem-solving skills.
• Excellent communication and interpersonal skills.
• Relevant certifications (e.g., CompTIA Security+, CEH, GCIH) are a plus.