





A **SOC Engineer** (Security Operations Center Engineer) is responsible for maintaining the security of an organization's IT infrastructure by monitoring, detecting, and responding to security incidents. Below is a typical job description for this role, including key responsibilities:

**Certificates Required:**

1. GCIH
2. FOR 508
3. GCFA

**Roles and Responsibilities:**

* **Monitoring and Incident Detection:**
  * Continuously monitor security alerts and notifications from various security tools and technologies (e.g., SIEM systems, IDS/IPS, firewalls, etc.).
  * Investigate security incidents and potential threats.
  * Perform triage and prioritize incidents based on severity and impact.
  * Detect, analyze, and report any abnormal activity or potential threats in the network.
* **Incident Response and Mitigation:**
  * Lead or assist in the response to security incidents, ensuring proper containment, eradication, and recovery procedures are followed.
  * Work with other teams (e.g., IT, network, and system admins) to mitigate security incidents and vulnerabilities.
  * Provide guidance on handling and escalating incidents based on predefined escalation paths.
* **Security Tools and Technology Management:**
  * Manage, configure, and optimize security tools (such as SIEM, firewalls, and antivirus software) to enhance security operations.
  * Maintain logs and ensure the integrity of security infrastructure tools and devices.
  * Implement and update security protocols to ensure the organization’s systems and data are protected.
* **Threat Intelligence and Vulnerability Management:**
  * Collect and analyze threat intelligence data from various sources to identify emerging security threats and vulnerabilities.
  * Perform vulnerability assessments and recommend remediation actions based on findings.
  * Assist with patch management and ensure timely deployment of security patches.
* **Reporting and Documentation:**
  * Document security incidents, actions taken, and lessons learned to improve future responses and security posture.
  * Generate reports on security incidents, system performance, and security operations metrics.
  * Present regular status updates on security incidents and trends to management.
* **Collaboration and Communication:**
  * Collaborate with other teams (network security, IT, DevOps, etc.) to ensure a holistic security approach.
  * Communicate effectively with internal teams and external vendors to resolve security issues.
  * Provide training and knowledge transfer on security best practices to other employees.
* **Continuous Improvement:**
  * Continuously assess and improve the effectiveness of security tools and processes.
  * Research new security technologies and trends to stay ahead of potential threats.
  * Participate in ongoing security awareness programs and training.
* **Compliance and Standards Adherence:**
  * Ensure that security operations comply with relevant industry standards, regulations, and best practices (e.g., GDPR, HIPAA, PCI DSS).
  * Perform regular audits and assessments to ensure compliance with security policies.

Job Type: Full-time

Pay: QAR13,000.00 - QAR15,000.00 per month

Education:

* Bachelor's (Required)

Experience:

* SOC: 4 years (Required)

Language:

* Arabic (Required)

License/Certification:

* GCIH (Required)
* FOR 508 (Required)
* GCFA (Required)
* Computer Science or Information Technology (Required)


