Security Operations Center (SOC) Engineer

Overview

We are a privately owned leading Managed IT Services company (Managed Service Provider). Since 1997 we have specialized in providing managed IT services and managed security services for small to medium-sized enterprises. We are looking for highly passionate individuals to join our team to help drive the growth and success of our company.

ICE Consulting is seeking a talented Security Operations Center (SOC) Engineer to join our team. The SOC Engineer role requires working as part of the SOC team, monitoring and analyzing the environment, identifying, and responding to security threats that put the company at risk. The engineer will own leading‑edge solutions intended to improve the security posture of the company and provide thought leadership and technical mentorship on how to respond and analyze security incidents based on best practices.

Responsibilities

• Developing and implementing SIEM solutions internally and for clients.
• Develop content for a complex and growing SIEM infrastructure, including use cases, dashboards, active channels, reports, rules, filters, trends, and lab sessions.
• Use SIEM in daily operations, including administration, operation, management of the platform, and ensuring the health of log sources, parsers, alerts, and reports.
• Monitor SIEM and other event sources, assess, prioritize, and manage security alerts.
• Perform analysis of security, network, database, and application logs, correlate events, and create threat scenarios to proactively mitigate threats.
• Lead imminent threat/zero‑day response functions across the environment.
• Translate threat intelligence into actionable security across tools such as firewalls, IPS, and malware detection on multiple vendor platforms.
• Track and resolve security incidents, collaborate with other teams, and suggest areas for improvement.
• Build custom connectors/parsers for devices or IT assets not supported out of the box.
• Own and operate critical security solutions to protect the company from cyber threats.
• Deploy new solutions and technologies to improve security posture.
• Continuously fine‑tune security solutions to reduce false positives and negatives.

Qualifications & Requirements

• 2–5 years of professional experience.
• Bachelor’s degree in an IT‑related discipline.
• At least 2 years of experience in information security, auditing, or risk management.
• Experience building SIEM architecture; working knowledge of SIEM platforms (QRadar, Sentinel, Splunk, LogRhythm, Wazuh, ELK).
• Deep technical knowledge of system security, SIEM implementation, and security event management processes.
• Knowledge of TCP/IP networking and major protocols (HTTP, SSL/TLS, DNS, SMTP).
• Experience with vulnerability scanning tools (Nexpose, Metasploit), file integrity monitoring, and data loss protection.
• Development of scripts in PowerShell or Python for automated detection, scanning, and network stream analysis.
• Experience executing incident response frameworks such as NIST and SANS.
• Current knowledge of security threats, solutions, tools, and network technologies.
• Understanding of information security compliance regulations (ISO 27001, PCI DSS, GDPR).
• Fluency in English (written and spoken).
• Excellent documentation skills and strong problem‑solving abilities.
• Must be able to work independently and as part of a team.
• Travel may be required on a need basis.