Associate Engineer - Platform Security (Fixed Term)
About the job
Job Description
- Manage daily operations of Microsoft Sentinel, FortiSIEM, Splunk, and other SIEM tools to ensure stability, performance, and continuous availability
- Onboard log sources: configure and validate connectors, agents, and ingestion pipelines to ensure accurate log collection, parsing, and normalization from various technologies
- Create correlation rules, analytics rules, and detection logic while continuously fine‑tuning them to increase true positives and reduce false positives
- Assist SOC analysts by resolving SIEM‑related issues such as detection failures, log gaps, platform errors, or alert inconsistencies
- Support SIEM deployments, upgrades, customer onboardings, and feature rollouts by contributing to technical configurations and requirements
- Map use cases to MITRE ATT&CK, incorporate emerging TTPs, and implement new rules based on threat intelligence and attack trends
- Perform routine health checks, monitor ingestion pipelines, and proactively address scalability, reliability, or performance-related issues
- Assist in developing and maintaining automation playbooks to improve SOC efficiency and reduce manual workload
- Maintain updated documentation, including architecture diagrams, rule libraries, onboarding guides, troubleshooting steps, and operational playbooks
- Work closely with SOC analysts, network teams, cloud engineers, threat hunters, and customer stakeholders to ensure smooth and secure operations
Person Specification
- Bachelor's degree in Computer Science, Information Security, Cybersecurity, or related disciplines
- 1–3 years of experience in SOC operations, SIEM administration, security engineering, or related fields
- Experience with at least one SIEM platform such as Microsoft Sentinel, FortiSIEM, or Splunk
- Understanding of log collection, parsing, event correlation, and rule creation
- Knowledge of detection engineering principles and cybersecurity frameworks (e.g., MITRE ATT&CK)
- Familiarity with security tools such as firewalls, IDS/IPS, EDR, vulnerability scanners, and cloud security services
- Familiarity with the Linux operating system; scripting knowledge in PowerShell, Python, or Bash is an added advantage
- Strong analytical and problem‑solving abilities
- Excellent communication and teamwork skills
- High attention to detail and a proactive learning mindset
- Relevant certifications such as Microsoft SC‑200 / AZ‑500, Fortinet NSE 4/5/6, CompTIA Security+, CySA+, CEH, or any other SOC/SIEM‑related certification
- Relevant certifications, such as CISSP or CEH, will be an added advantage