Job Summary
The SIEM & SOC Senior Specialist will be responsible for leading the migration of the SIEM platform from the existing environment to a new solution. This role involves designing and developing new detection use cases, optimizing and refining them prior to deployment, and ensuring seamless onboarding into the new platform. The specialist will also establish new operational processes, enhance and modify existing procedures as required, and drive adherence to security and compliance standards, ensuring achievement of a 100% compliance score.
Key Responsibilities
Skill Requirements
Other Requirements
1.1 Qualifications & Experience
• Bachelor’s degree in Computer Science, Information Security, Engineering, or equivalent experience.
• 12-15 years in Security Operations with 5+ years leading SOC teams or major incident response programs.
• Expert‑level hands‑on experience with SIEM platforms (e.g., Splunk, Microsoft Sentinel, LogRhythm, QRadar), including administration and detection engineering.
• Strong incident handling expertise across containment, eradication, recovery, and lessons learned.
• Demonstrated experience with EDR/XDR, SOAR automation/orchestration, and case management tools.
• Hands‑on network security knowledge (firewalls, IDS/IPS, WAF, VPN, proxies, NAC) and packet/log analysis.
• Vulnerability management lifecycle experience using enterprise scanners and remediation governance.
• Experience integrating cloud and identity telemetry; familiarity with Azure/M365 security preferred.
• Knowledge of frameworks and models: MITRE ATT&CK, NIST 800‑61 IR, NIST CSF, ISO 27001.
• Excellent communication, stakeholder management, and executive reporting skills.
• Audit participation experience is a must.

Preferred Certifications
• CompTIA Security+
• SIEM/EDR vendor certifications (e.g., Splunk, Microsoft, CrowdStrike).
• Incident response/forensics (e.g., GCFA, GNFA, GCIH).
• Cloud security (e.g., AZ‑500, SC‑200, CCSP).
• Network security (e.g., NSE, PCNSA/PCNSE, CCNP Security).

Tools & Platforms (indicative)
• SIEM: Splunk, Microsoft Sentinel, LogRhythm, QRadar
• EDR/XDR: Microsoft Defender for Endpoint, CrowdStrike, SentinelOne
• SOAR: Splunk SOAR, Cortex XSOAR, Sentinel playbooks/Logic Apps
• Vulnerability: Qualys, Tenable, Rapid7
• Network: Palo Alto, Fortinet, Cisco, F5/WAF, Zscaler/Proxies

KPIs & SLAs
• Mean Time to Detect (MTTD) and Mean Time to Respond/Recover (MTTR).
• False positive rate and alert quality index.
• Detection/use‑case coverage (% of prioritized threat scenarios).
• Log source coverage and health (% of critical sources onboarded and healthy).
• Vulnerability remediation SLA compliance and risk reduction trends.

Job Title: SOC Section Manager [IT Security & Infrastructure]
Name of Job Owner: [First name + Last name]
Personnel Number: [Personnel Number]
Cost Centre: [Cost Centre]
Organisational Unit: Corporate
Department: Information Technology
Represents: [Role] - [First name + Last name]
Represented by: [Role] - [First name + Last name]
Disciplinary Superior: [Superior role] - [First name + Last name]
Functional Superior: [Superior role] - [First name + Last name]

Summary of Position (substantial / major tasks): as stated in the Job Summary above.

Major Tasks / Activities (What the position does):
Engage with key users to understand business needs, challenges, and goals. Support in developing (technology) solutions on domain level aligned with organizational objectives.

Expected Outcome (Why is it done):
Defined, aligned, and communicated domain level strategy, roadmap, and processes.