Ambition
Information Security Engineer (Incident Response / SOC)
Ambition | Singapore | 16 hours ago
Full-time | Information Technology

Our client, a leading organization in the financial sector, is looking for an experienced Information Security Engineer to play a key role in strengthening their Security Operations Center (SOC) and Incident Response capabilities. This position focuses on threat detection, incident response, vulnerability management, and continuous improvement of security operations.

The successful candidate will be a hands-on security professional with deep technical expertise in SOC operations, threat hunting, and incident response, as well as strong collaboration skills to work closely with IT, engineering, and risk management teams to maintain a secure and resilient environment.


Key Responsibilities

1. SOC Operations & Incident Response

  • Lead and enhance the day-to-day operations of the Security Operations Center (SOC).
  • Monitor, detect, investigate, and respond to cybersecurity incidents in a timely and efficient manner.
  • Manage and optimize SIEM, EDR, IDS/IPS, and threat intelligence platforms to improve detection accuracy and response speed.
  • Conduct detailed incident investigations, including containment, eradication, recovery, and root cause analysis.
  • Perform threat hunting to proactively identify indicators of compromise and previously undetected risks.
  • Develop and maintain incident response playbooks, escalation procedures, and communication workflows.
  • Conduct post-incident reviews and drive continuous improvement in detection and response processes.


2. Threat & Vulnerability Management

  • Coordinate regular vulnerability scans, penetration testing, and patch management activities.
  • Collaborate with IT and engineering teams to remediate vulnerabilities and strengthen system defenses.
  • Stay current on emerging threats, TTPs (tactics, techniques, and procedures), and evolving threat actor behaviors.
  • Leverage threat intelligence feeds to enhance monitoring and detection capabilities.

3. Security Governance, Risk & Compliance

  • Ensure compliance with relevant regulatory frameworks (e.g., MAS TRM, PCI DSS, ISO 27001, GDPR).
  • Support security audits, risk assessments, and regulatory reviews.
  • Maintain and update security policies, standards, and incident response procedures.

4. Security Awareness & Collaboration

  • Partner with DevOps and engineering teams to embed security controls into CI/CD pipelines.
  • Lead security awareness initiatives and training to strengthen the organization’s security culture.
  • Engage with external partners, vendors, and law enforcement for incident handling and intelligence sharing.

Key Requirements

  • Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related field.
  • 5+ years of hands-on experience in SOC operations, incident response, or cybersecurity engineering.
  • Strong technical expertise with SIEM (e.g., Splunk, Azure Sentinel), EDR (e.g., CrowdStrike, SentinelOne), IDS/IPS, firewalls, and cloud security tools (AWS, Azure, GCP).
  • In-depth understanding of threat detection, forensic investigation, malware analysis, and threat intelligence.
  • Familiarity with regulatory standards and best practices in the financial services sector (e.g., MAS TRM, PCI DSS, GDPR).
  • Excellent analytical, communication, and collaboration skills, with a proactive approach to problem-solving.