A leading cybersecurity company in Abu Dhabi is hiring a SOC Engineer (SIEM) for a 6-month extendable contract.
Responsibilities
- Support SIEM operations and engineering activities within the SOC.
- Handle first-level SIEM and log source issues, including health checks and telemetry validation.
- Assist with onboarding and configuring new log sources across cloud, on-prem, and network environments.
- Optimize SIEM performance and enhance detection telemetry (Splunk, Sentinel, QRadar, LogRhythm, etc.).
- Troubleshoot ingestion issues, parsing errors, and data pipeline gaps.
- Support rule tuning, alert optimization, and SIEM hygiene tasks.
- Contribute to Splunk/Sentinel maintenance, updates, and best-practice improvements.
- Provide reporting and documentation related to SIEM operations.
- Collaborate closely with SOC analysts, engineers, and customer teams to resolve technical issues.
Requirements
- Strong experience with SIEM platforms such as Microsoft Sentinel, Splunk, QRadar, LogRhythm, or FortiSIEM.
- Hands-on ability to diagnose log onboarding, ingestion, cloud connector, and network log issues.
- Experience in SOC environments (7+ years preferred).
- Python scripting knowledge for automation and data parsing.
- Foundation in cloud (Azure preferred) and network technologies (TCP/IP, firewalls, proxies, etc.).
- Understanding of SOC workflows, detection, health checks, and incident support.
- Strong communication and problem-solving skills.
Preferred Certifications
- Splunk Certified Admin/Architect
- Microsoft SC-200
- Other SIEM, cloud, or network certifications (Azure, AWS, GCP, CCNA)