Lead SOC Engineer (SIEM)
About This Role
Key Responsibilities
- Deliver and Lead Splunk SIEM management services within the SOC environment.
- Architect scalable and resilient Splunk-based SIEM solutions.
- Define data ingestion strategies, parsing logic, and correlation rules.
- Collaborate with the asset owner, client stakeholder, and SOC in onboarding new log sources to the SIEM platform.
- Maintain and govern SOC critical log sources, ensuring their proper functionality and integration with Splunk SIEM.
- Detect log source issues and coordinate with customers to diagnose and resolve them in a timely manner.
- Enhance and optimize telemetry within the Splunk environment to improve data collection, correlation, and reporting.
- Collaborate with SOC and threat intelligence teams to develop detection use cases.
- Implement dashboards, alerts, and reports for proactive threat monitoring.
- Perform regular system updates to ensure Splunk functionality and security are up to date.
- Resolve Splunk-related issues promptly and efficiently.
- Proficiency in field extractions, data normalization, and CIM (Common Information Model) compliance.
- Maintain the performance of the Splunk SIEM according to established best practices.
- Participate in continuous process improvements to increase SOC efficiency and effectiveness.
- Provide regular and accurate reports on Splunk services and SOC operations to relevant stakeholders.
- Contribute to SOC architecture strategy and implementation initiatives related to Splunk in the pre-sales phase when required.
- Plan and execute Splunk version upgrades and feature rollouts.
- Evaluate and deploy new Splunk apps and add-ons.
Characteristics
- Profound knowledge and hands-on experience with Splunk SIEM and other related technologies like Cribl.
- Understanding of SOC workflows, MITRE ATT&CK framework, and threat detection methodologies.
- Ability to correlate data across multiple sources to identify patterns and anomalies.
- Strong understanding of cloud and network technologies, essential for efficient log source onboarding.
- Proven technical capabilities in a complex, fast-paced SOC environment.
- Ability to diagnose and troubleshoot log source issues related to cloud and network infrastructures.
- Strong understanding of SOC operations, cybersecurity principles, and best practices.
- Excellent problem-solving skills and the ability to make decisions under pressure.
- Ability to collaborate effectively with a variety of team members, including interfacing with customers to resolve issues.
- High proficiency in written and verbal communication.