{bc}
linkedin

Senior SOC Engineer

Ansen Technology
Abu Dhabi Emirate, UAE
Fulltime
Mid-Senior
3 months ago
AWSAzureScala
Free

Job Fit Check

Base Career helps you apply smarter for this job.

?%
Ready to Scan

Key skills for this role

AWSAzureScala
Smart Apply

Full Job Posting

1.SOC Engineering&Platform Architecture

  • Design, build, and manage
  • end-to-end SOC engineering architecture
  • across
  • SIEM, SOAR, log pipelines, and security platforms
  • Own the
  • Splunk SIEM architecture
  • , including:
  • Indexer, Search Head, Cluster Manager, and Deployment Server design
  • Data models, CIM normalization, indexes, retention policies
  • Design and implement

Cribl Stream And Edge Pipelines

  • for:
  • Log routing, filtering, enrichment, masking, and optimization
  • Cost optimization and performance tuning for Splunk ingestion
  • Engineer
  • high-availability, scalable SOC platforms
  • aligned with enterprise and government-grade requirements

2.Cloud&Hybrid Security Telemetry

  • Integrate security logs and telemetry from:
  • **Cloud platforms (Huawei, AWS, Azure cloud environments)**
  • Cloud-native services (CloudTrail, Azure Activity, Defender, VPC Flow Logs, etc.)
  • Design
  • secure ingestion patterns
  • using:
  • Object storage (OBS / S3-compatible)
  • Streaming mechanisms, collectors, forwarders, and APIs
  • Ensure SOC engineering supports
  • multi-tenant, multi-environment (Prod / Non-Prod)
  • separation

3.Detection Engineering&SOC Operations Alignment

  • Build and optimize
  • SIEM detection use cases
  • mapped to

Mitre Att&Ck

  • Support:
  • Alert tuning and false-positive reduction
  • Risk-based alerting and correlation strategies
  • Collaborate with SOC Operations teams (L1/L2/L3) to ensure:
  • Engineering aligns with real-world incident workflows
  • Alerts are actionable, contextual, and operationally usable

4.Automation, Scripting&DevSecOps

  • Develop automation and tooling using:
  • **Python, PowerShell, Bash**
  • REST APIs (Splunk, Cribl, Cloud services)
  • Implement

Detection-As-Code And Infrastructure-As-Code

  • principles
  • Support CI/CD pipelines for:
  • Detection deployment
  • Configuration versioning
  • Engineering artifacts management

5.Governance, Documentation&Knowledge Transfer

  • Create and maintain SOC engineering documentation including:
  • Architecture diagrams
  • Data flow mappings
  • Integration runbooks and SOPs
  • Support

Soc Knowledge Transfer (Kt)

  • activities during transition phases
  • Contribute to:
  • Risk registers
  • Engineering KPIs
  • Audit and compliance evidence (ISO 27001, NIST, UAE regulatory frameworks)

6.Stakeholder&Project Collaboration

  • Work closely with:
  • SOC Operations
  • Cloud Engineering
  • DevSecOps
  • Compliance and Governance teams
  • Support
  • project delivery milestones
  • , migrations, and go-live readiness
  • Provide technical leadership and guidance to junior SOC engineers

1.Core Technical Skills (Mandatory)

  • **Splunk Enterprise / Splunk Cloud**
  • – Advanced level (architecture, administration, detection engineering)
  • **Cribl (Stream / Edge), Kafka**
  • – Advanced pipeline design and optimization
  • **Cloud Security Engineering**
  • – Huawei/ AWS / Azure (log ingestion, security telemetry, identity logs)
  • **Scripting&Automation**
  • – Python, PowerShell, Bash, Perl and Java
  • **Security Operations Center (SOC)**
  • – Deep understanding of SOC build, operate, and mature phases

2.Additional Technical Capabilities

  • Log collection tools (UF, HF, Fluentd, Vector, Beats, etc.)
  • SOAR platforms and automation workflows
  • Threat intelligence integrations
  • Endpoint, network, and identity security telemetry
  • Performance tuning and cost optimization for SIEM platforms

Experience&Qualifications

  • **8+ years**
  • relevant experience in SOC Engineering / Security Engineering roles
  • Proven experience in
  • large-scale SOC build or transformation programs
  • Strong background working with
  • government, critical infrastructure, or regulated environments
  • Experience supporting
  • 24x7 SOC operations
  • Relevant certifications (preferred):

• Splunk Architect And Admin

  • ELK Stack, Big Data framework
  • Cloud Security certifications
  • GIAC / CISSP / equivalent

Key Competencies

  • Strong problem-solving and analytical mindset
  • Ability to bridge
  • engineering and operations
  • effectively
  • Excellent documentation and communication skills
  • Comfortable working in
  • high-pressure, mission-critical environments
  • Delivery-focused with strong ownership mentality

Apply for this job in 1 click

Skip the repetitive application forms

Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.

Sarah M.James T.Maya R.

Trusted by over 500,000 job seekers on Base Career

Start Free Today

More from this employer

More jobs at Ansen Technology