Network Security Engineer

About The Role

We are looking for a Network Security Engineer / Senior SOC Analyst to strengthen our Security Operations Center for a fast-growing IT organization with 700+ employees and a diverse technology landscape.

Our Environment Includes

• 400+ Linux systems, 200+ Windows machines, and 200+ macOS endpoints
• Development stack: Node.js, Ruby on Rails (RoR), Rust, Blockchain platforms
• Domains: Mobile applications, gaming platforms, FinTech systems
• Infrastructure: Multi-cloud (AWS, Azure, GCP)

This role is ideal for professionals who thrive in complex, high-scale environments and can actively monitor, detect, investigate, and respond to security threats across infrastructure, endpoints, and applications.

Key Responsibilities

• Monitor and analyze security alerts from SIEM, EDR, IDS/IPS, and cloud security tools
• Perform real-time threat detection, triage, and incident response across Linux, Windows, and macOS systems
• Investigate suspicious activities in multi-cloud environments (AWS, Azure, GCP)
• Conduct log analysis and correlation across infrastructure, applications, and network layers
• Manage and tune SIEM platforms (e.g., Splunk, LogRhythm, ELK)
• Handle incident lifecycle: detection → analysis → containment → remediation → reporting
• Perform endpoint and server-level investigations, especially on Linux-heavy environments
• Support threat hunting activities and identify advanced persistent threats (APTs)
• Perform vulnerability analysis and coordinate with engineering teams for remediation
• Assist in cloud security monitoring including IAM anomalies, misconfigurations, and suspicious activity
• Maintain incident response playbooks, SOPs, and documentation
• Generate security reports, dashboards, and metrics for leadership
• Support compliance requirements (ISO 27001, internal audits, security controls)

Must-Have Qualifications

• 8+ years of experience in SOC, Security Operations, or Incident Response
• Strong experience in SIEM tools (Splunk, ELK, LogRhythm, QRadar)
• Hands-on experience with EDR/XDR tools (CrowdStrike, SentinelOne, Defender, etc.)
• Strong understanding of Linux security (critical), plus Windows and macOS environments
• Knowledge of networking concepts (TCP/IP, DNS, firewalls, VPNs)
• Experience in log analysis, threat detection, and incident triage
• Exposure to multi-cloud environments (AWS, Azure, or GCP)
• Familiarity with web/app security basics (Node.js, APIs, backend services)
• Understanding of common attack vectors (MITRE ATT&CK, OWASP Top 10)
• Experience with vulnerability management tools
• Basic scripting/automation using Python, Bash, or PowerShell
• Strong analytical and troubleshooting skills

Preferred / Nice-to-Have

• Experience in FinTech, blockchain, or gaming environments
• Exposure to Rust-based systems and blockchain node security
• Familiarity with DevSecOps and CI/CD security monitoring
• Experience with threat intelligence platforms
• Knowledge of container security / Kubernetes
• Certifications such as Security+, CEH, CySA+, CISSP (or pursuing)