Binance
SOC Security Engineer
Job Description
Asia / Taiwan, Taipei / Security & IT Helpdesk – Security / Full-time Onsite or Remote / Hybrid
Requirements
Programming & Engineering Skills: Strong hands-on programming experience in one or more languages, such as Python (preferred), Golang, or Java. Experience writing production-quality code, not just ad-hoc scripts. Solid experience with RESTful APIs, including authentication, pagination, rate limiting, and error handling. Familiarity with modern IDEs (VS Code, IntelliJ, PyCharm) and debugging techniques. Experience with Git-based version control and collaborative development workflows.
Cloud, CI/CD & Containerization: Practical experience working with AWS environments, including common services such as IAM, EC2, S3, Lambda, and CloudWatch. Experience building, deploying, and maintaining Docker-based applications.
Security & SOC Knowledge: Hands-on experience working in or closely with a Security Operations Center (SOC), such as experience using SIEM platforms and familiarity with EDR solutions. Understanding of common security telemetry sources.
Platform & System Skills: Experience developing or extending security platforms or internal security tools. Solid Linux fundamentals.
Responsibilities
Design, develop, and maintain security automation and SOC tooling, including integrations with SIEM, EDR, cloud services, and internal security platforms.
Develop services, scripts, and pipelines to automate alert enrichment, correlation, response, and investigation workflows.
Build and maintain API-based integrations with security tools, AWS services, and internal systems.
Support and enhance SIEM platforms for ingestion, alerting, and investigation.
Participate in security detection engineering, including log parsing, data normalization, and detection logic implementation.
Assist in security incident response, including triage, investigation, containment, eradication, and post-incident analysis.
Take part in SOC on-call rotation / shift duty, responding to security alerts and incidents as required.
Work closely with SOC analysts to translate operational needs into scalable engineering solutions.
Debug, troubleshoot, and optimize existing security automation, CI/CD pipelines, and platform components, etc.