ParadigmIT Cyber

As a Security Operations Center (SOC) Subject Matter Expert (SME), you will be responsible for providing advanced expertise in SOC operations, threat detection, incident response, and security tooling to strengthen our organization's cybersecurity defenses. You will play a pivotal role in enhancing the effectiveness and efficiency of our SOC operations while ensuring the timely identification and mitigation of security threats.

Responsibilities :

- Develop and refine the SOC strategy, including the architecture, processes, and procedures, to align with organizational goals and industry best practices.

- Design and implement scalable and resilient SOC architectures that leverage cutting-edge technologies and methodologies for threat detection and response.

- Lead efforts to detect, analyze, and respond to cybersecurity incidents in real-time, leveraging SIEM (Security Information and Event Management) platforms and other security tools.

- Develop and maintain incident response playbooks, standard operating procedures (SOPs), and escalation protocols to streamline incident handling processes.

- Conduct post-incident reviews and root cause analyses to identify gaps and vulnerabilities in security controls and recommend remediation measures.

- Evaluate, select, and deploy security tools and technologies to enhance SOC capabilities, including SIEM, EDR (Endpoint Detection and Response), SOAR (Security Orchestration, Automation, and Response), and threat intelligence platforms.

- Configure and optimize security tools to maximize threat detection accuracy, minimize false positives, and improve overall SOC efficiency.

- Monitor and analyze threat intelligence feeds to identify emerging cyber threats, attack vectors, and adversary tactics, techniques, and procedures (TTPs).

- Conduct proactive threat hunting activities to detect stealthy and persistent threats that evade traditional security controls.

- Provide mentorship and training to SOC analysts on advanced threat detection and incident response techniques, tools, and methodologies.

- Collaborate with cross-functional teams to disseminate knowledge and best practices related to cybersecurity and SOC operations.

- Develop and deliver cybersecurity awareness training programs for internal stakeholders to enhance security awareness and resilience.

Qualifications :

- Bachelor's degree in Computer Science, Information Security, or related field. Master's degree preferred.

- 9+ years working in cybersecurity roles with a focus on SOC operations, threat detection, and incident response.

- In-depth knowledge of security operations principles, practices, and methodologies, including SOC architecture, SIEM, and threat intelligence.

- Hands-on experience with leading SIEM platforms such as Splunk, IBM QRadar, or LogRhythm, as well as other security tools and technologies.

- Strong understanding of cyber threat landscape, attack vectors, and common security vulnerabilities.

- Excellent analytical and problem-solving skills, with the ability to analyze complex security incidents and recommend effective countermeasures.

- Effective communication and collaboration skills, with the ability to interact with stakeholders at all levels of the organization.

- Relevant certifications such as CISSP, CISM, CEH, or GIAC certifications preferred.