Soc Engineer

Bloom Energy, a solid oxide fuel cell company, is currently expanding its cybersecurity incident monitoring and response team and is looking for Security Operations Center (SoC) Analysts. The person working in the SOC team operates the security monitoring solutions, reacting timely to security events as identified. This individual should be a dynamic professional who is looking for a rewarding future in one of todays most exciting security technologies

Roles:

As our Security Engineer and SOC Operations Analyst, you will be part of a SOC team and cover broad aspects of Bloom Energy Security Engineering, Cyber Security monitoring and incident response operations. Working closely with SOC Manager and Cyber Security Engineers, the role is to help coordinate and report on cyber incidents affecting Bloom infrastructure and Administer and maintain Security Soln. This role requires strong technical analytical skills while providing accurate analysis of security-related problems and a well-rounded networking background. It also involves critical duties and responsibilities to be performed during crisis and contingency operations, which may necessitate extended hours of work.

Responsibilities:

Security Engineering:

Implement, and manage enterprise-grade security solutions across network, endpoint, cloud, and email layers.

Lead the deployment and lifecycle management of Data Loss Prevention (DLP) technologies, ensuring sensitive data is protected across all vectors (email, web, endpoint, cloud).

Administer and optimize Zscaler ZIA/ZPA for secure internet access and zero trust network access, including policy tuning, SSL inspection, and user segmentation.

Administer and maintain Proofpoint for advanced email threat protection, including phishing defense, business email compromise (BEC) detection, and DMARC enforcement.

Administer and maintain SOAR platforms (e.g., Palo Alto Cortex XSOAR, Splunk Phantom) to automate repetitive tasks, enrich alerts, and streamline incident response workflows.

Deploy and manage XDR solutions (e.g., Sentinel One, CrowdStrike, Microsoft Defender XDR) to unify telemetry across endpoints, cloud, and identity platforms for enhanced threat detection and response.

Collaborate with IT and DevOps teams to embed security controls in CI/CD pipelines and cloud infrastructure (AWS, Azure, GCP).

Conduct security architecture reviews and recommend improvements for application, infrastructure, and cloud security posture.

Perform security tool integrations with SIEM, ticketing systems, threat intelligence platforms, and vulnerability scanners.

Develop and maintain custom detection rules, parsers, and dashboards in SIEM and XDR platforms to improve visibility and reduce false positives.

Lead proof-of-concept (PoC) evaluations for new security technologies and drive vendor selection processes.

SOC Operations & Incident Response:

Lead and coordinate the end-to-end incident response lifecycle: detection, triage, containment, eradication, recovery, and post-incident review.

Perform alert triaging and prioritize incidents based on severity, impact, and business context.

Conduct root cause analysis (RCA) and create detailed incident reports for stakeholders and compliance teams.

Utilize MITRE ATT&CK and OWASP Top 10 frameworks to map adversary behavior and identify gaps in detection and response.

Develop and maintain incident playbooks and runbooks for common attack scenarios (e.g., phishing, malware, insider threats).

Drive threat hunting initiatives using SIEM, XDR, and threat intelligence feeds to proactively identify suspicious activity.

Conduct tabletop exercises and red/blue team simulations to test and improve incident response readiness.

Ensure timely escalation and communication of critical incidents to leadership and affected business units.

Required Skills & Knowledge:

Bachelor Degree in Computer science (Engineering & Technology desired), Management of information Systems, computer security or equivalent.

Basic understanding on Malwares, CIA triad, Cyber Kill chain, Networking.

Deep understanding of network security, endpoint protection, cloud security, and email threat vectors.

Familiarity with OWASP Top 10, MITRE ATT&CK, and NIST cybersecurity frameworks.

Basic knowledge of Information Security, Network devices, Security devices, Server security, Application Security, etc.

Keen to learn new security technologies and how information security operates.

Keen on entering the information security world and developing oneself in that direction.

Well-developed logical thinking capabilities, in order to be able to investigate cases.

Able to work in shift schedule.

Basic knowledge about Automation tool, AI and Network security

Excellent social, communication, and writing skills

Note : This role is rotational shift and 5 days office work.