Senior SOC Engineer

Job Description

• Work directly with global teams across Security Operations, Engineering, Architecture, HR, and business leadership
• Lead deep‑dive investigations, advanced threat hunting, and coordinated incident response
• Operate across a modern security stack with strong investment in people, process, and technology
• Exposure to real-world financial‑sector threats and adversarial techniques
• A culture that values continuous learning, curiosity, and technical excellence

• Detect and respond to cyber events, threats, and vulnerabilities
• Lead IR activities during the shift you are responsible for, ensuring timely and effective response
• Conduct IR exercises and postmortems with measurable outcomes
• Use SOAR to automate repetitive tasks and improve efficiency
• Provide timely updates to stakeholders and leadership
• Identify and document TTPs, IOCs, and artifacts
• Create queries and scripts to support investigations
• Maintain IR and forensic procedures and documentation
• Contribute to the incident response plan and post‑incident reporting
• Maintain and update SOC runbooks and playbooks
• Conduct threat hunting using intelligence and hypotheses
• Partner with engineering teams to optimize SOC operations
• Support continuous security control validation
• Participate in Purple/Blue team activities and campaign analysis
• Mentor junior analysts and support team development
• Deliver projects on time and meet stakeholder expectations
• Assist in developing SOC metrics and scorecards
• Drive adoption of AI-enabled detection and automation
• Apply an attacker mindset to strengthen detection and response

QUALIFICATIONS:

Education:

• Bachelor’s degree in Computer Science, Information Technology, or equivalent work experience
• Certifications such as GSEC, GCIA, CISSP, OSCP are a plus

Skills:

Excellent communication and influence skills
Strong understanding of offensive and defensive security
Ability to improve monitoring and response at scale
Strong analytical and decision‑making skills
Calm under pressure and tight deadlines
Proven mentoring ability
High integrity and trustworthiness
Ability to think like an attacker and anticipate adversary behavior
Comfort working in an environment adopting AI and automation

Experience Required:

• 6+ years in cybersecurity or security operations consulting
• Strong IR and forensic investigation experience
• Scripting experience (PowerShell or Python)
• Experience with SOAR preferred
• Experience with SIEM and EDR platforms
• Experience with cloud environments
• Experience mentoring or leading team members
• Experience with automation or AI‑assisted detection is a plus

General Requirements:

• Willingness to work primarily in SGT (Singapore Business Hours) and occasionally other shifts
• Ability to work onsite at the Ares Mumbai office
• Experience with SIEM, EDR, UEBA, and NBAD
• Understanding of attack methods and SIEM signatures
• Strong event analysis skills
• Knowledge of network protocols and log formats
• Understanding of cloud environments
• Strong analytical and problem-solving skills
• High personal integrity and professionalism
• Ability to work effectively across cultures and levels
• Adaptability to evolving environments
• Passion for cybersecurity and continuous learning
• Knowledge of security frameworks, attack methodologies, and intrusion detection
• Excellent verbal and written English communication skills
• Interest in leveraging AI, automation, and adversary-emulation techniques

Reporting Relationships

There is no set deadline to apply for this job opportunity. Applications will be accepted on an ongoing basis until the search is no longer active.