Cyber Security Operations Engineer

Role Summary: Operate and deliver our SOC platforms as a managed service to SME clients. Responsible for platform deployment, client onboarding, user training, ongoing operations, and ensuring optimal performance of the SOC system for client environments. Focus on service delivery excellence, client satisfaction. Key Responsibilities: AI SOC Platform Deployment & Configuration Deploy SOC platform for new client environments Configure platform settings based on client requirements and network architecture Set up log collection agents and data sources in client infrastructure Customize monitoring parameters and thresholds for client-specific needs Integrate client's existing security tools with SOC platform Conduct deployment testing and validation before go-live Document client deployment architecture and configurations Client Onboarding & Training Lead technical onboarding sessions for new clients Conduct platform training for client IT teams and security personnel Create and deliver customized training materials and user guides Demonstrate SOC features, dashboards, and reporting capabilities Train clients on alert review, incident workflows, and response procedures Provide hands-on workshops for platform usage and best practices Assess client readiness and provide post-training support Develop training documentation and video tutorials Managed SOC Operations (24/7) Monitor SOC platform alerts and security events for all clients Analyze and triage alerts generated by AI detection engines Investigate security incidents and perform initial analysis Execute incident response procedures according to client SLA Coordinate with clients during active security incidents Escalate critical incidents to senior analysts or incident response team Document all incidents, actions taken, and resolutions Perform threat hunting using AI-powered analytics tools Client Support & Service Management Serve as primary technical contact for assigned clients Respond to client inquiries via ticketing system, email, and phone Troubleshoot client issues related to platform usage and operations Provide technical guidance on security alerts and recommendations Manage client requests for configuration changes or customizations Ensure timely resolution of client issues within SLA parameters Conduct regular client check-ins and service review meetings Gather client feedback for service improvement Reporting & Communication Generate and deliver scheduled security reports to clients (daily, weekly, monthly) Create executive summaries of security posture and incidents Customize reports based on client requirements Present findings and recommendations in client review meetings Communicate security trends and threat intelligence insights Provide metrics on platform performance and detection effectiveness Document lessons learned and improvement recommendations Perform the duties and tasks assigned by your direct report or as otherwise instructed by the Company. Qualifications: Education & Experience Bachelor's degree in Information Security, Computer Science, IT, or related field 2-4 years of experience in SOC operations, security monitoring, or cybersecurity Experience with SIEM platforms and security monitoring tools Understanding of network security, endpoint security, and common attack vectors Experience in customer-facing technical roles or managed services Strong understanding of security operations workflows and incident response Preferred Certifications CompTIA Security+, CySA+ Certified Ethical Hacker (CEH) GIAC Security Essentials (GSEC) GIAC Certified Incident Handler (GCIH) Certified SOC Analyst (CSA) ITIL Foundation (for service management) Technical Skills Security Knowledge: Strong understanding of cyber threats, attack techniques, and TTPs Knowledge of MITRE ATT&CK Framework Log analysis and security event correlation Incident response procedures and methodologies Network protocol analysis (TCP/IP, DNS, HTTP/HTTPS) Endpoint security and malware analysis basics Understanding of vulnerability management Familiarity with compliance frameworks (ISO 27001, NIST, PCI DSS) Platform & Tools: Experience with SIEM platforms (Splunk, QRadar, Sentinel, or similar) Understanding of AI/ML concepts in cybersecurity (basic level) Familiarity with EDR/XDR solutions Experience with ticketing systems (ServiceNow, Jira, Zendesk) Proficiency with security dashboards and reporting tools Basic scripting knowledge (Python, PowerShell - advantage) Windows and Linux operating systems administration Client Service Skills: Excellent troubleshooting and problem-solving abilities Experience with remote support tools Strong documentation skills Ability to explain technical concepts to non-technical audiences Customer service orientation and professionalism Time management and prioritization skills Soft Skills Excellent communication skills (both verbal and written in English) Strong presentation and training delivery skills Customer-focused mindset with empathy and patience Ability to remain calm under pressure during incidents Team player with collaborative approach Self-motivated and able to work independently Attention to detail and thoroughness Adaptability and willingness to learn Professional demeanor with clients Willingness to work rotating shifts including nights, weekends, and holidays Strong English proficiency (reading, writing, speaking) What we offer: Competitive salary and benefits package. Opportunity to work on a product that impacts millions of users. A dynamic and supportive work environment. Premium health insurance for you and your family. Professional growth and development opportunities. Annual leave 12-14 days per year + 1 Birthday Leave + 1 X’Mas Performance review: once per year Internal training/sharing and professional Training courses Team building, company trip, year end party, monthly activities,.... Devices: Macbook and screen (If needed) Free tea and coffee Comfortable working Area Working hour: 9am - 6pm from Monday to Friday