Forter
Forter is the leader in Identity Intelligence for digital commerce. We provide real-time decisions for every customer interaction.
Forter is looking for a Senior SOC Engineer to enhance our security operations and ensure robust protection against sophisticated threats. This role is crucial for maintaining our Security Operations as a high-performing and resilient hub that can quickly adapt to emerging security challenges in the fintech industry. You will take the lead in refining our SOC capabilities by monitoring network traffic, analyzing security incidents, managing security tools, automating processes, and providing expertise to SOC analysts, without having direct management responsibilities.
The Senior SOC Engineer collaborates with cross-functional teams to build defenses, respond to incidents, and design strategies for robust cybersecurity posture.
Why should you join us?
At Forter, you’ll play a critical role in defending against sophisticated threats in a high-stakes fintech environment. As a Senior SOC Engineer, you will:
* Shape the Future of Security: Lead initiatives to enhance our SOC capabilities, using cutting-edge technologies and automation tools to protect against advanced threats in real-time.
* Make an Outsized Impact: Your work will directly influence Forter’s ability to safeguard millions of transactions for major clients like Nordstrom, Priceline, and ASOS, enhancing customer trust and revenue growth.
* Work with a Talented Team: Collaborate with industry-leading experts in cloud security, fraud prevention, and data analytics. Forter is driven by a culture of excellence, continuous learning, and innovation.
* Access to Leading-Edge Tools: You will have the freedom to experiment with the latest SIEM, SOAR, EDR, and cloud-native security technologies, empowering you to stay at the forefront of cybersecurity practices.
This is more than just a job; it’s an opportunity to grow your expertise in a dynamic, supportive environment while making a tangible impact on the digital commerce industry.
What you will be doing:
* Security Engineering & Automation: Oversee the deployment, configuration, and tuning of SOC related security tools to enhance detection accuracy, reduce false positives, and manage end-to-end EDR operations. Drive improvements in SOC workflows, automating enrichment processes, and developing playbooks for more efficient alert handling.
* Security Monitoring & Threat Detection: Continuously monitor security alerts, events, and IoCs across all platforms. You’ll build and deploy queries and scripts, and create dashboards and workflows to enhance visibility and reporting.
* Proactive Threat Hunting: Develop and implement threat hunting procedures to proactively identify potential risks and vulnerabilities before they escalate.
* Cloud Security Monitoring: Analyze and manage AWS security logs through the SIEM, while also engaging directly with AWS security services and CSPM responsible team for proactive defense and monitoring in the cloud environment.
* Incident Response: Enhance the IRP and coordinate with the SOC team and cross-functional teams during the incident response lifecycle, focusing on containment, eradication, recovery, and post-incident analysis.
* Vendor Coordination: Collaborate with third-party vendors as needed for managed security services and specialized tools.
* Mentorship: Mentor junior security team members, providing guidance on incident handling and security best practices.
What you’ll need?
* Experience: Minimum of 5+ years in SOC or incident response roles, with hands-on experience in threat detection and mitigation.
* Technical Skills: Strong capability in threat detection, incident response, and analysis of complex attack patterns, with a focus on the AWS environment. Skilled in writing SIEM queries, alerts, and dashboards.
* End-to-End Investigations & Network Protocols: Extensive experience with end-to-end investigations, handling security incidents, and deep knowledge of security network protocols, along with familiarity with the OWASP Top 10 vulnerabilities.
* EDR Expertise: Hands-on experience managing EDR tools, including end-to-end operations from deployment and configuration to analysis and response.
* Scripting & Automation: Knowledge of scripting languages such as Python, SQL, or Bash to automate SOC workflows.
* Core Skills: Strong problem-solving, organizational, and analytical skills, with attention to detail and a security-first approach to translating complex issues into solutions. Excellent communication skills for effective collaboration and reporting. Continuous learning mindset with an eagerness to stay updated on cybersecurity trends.
It’d be cool if you also: [NOT A MUST]
* Familiar with industry frameworks (ISO 27001, PCI-DSS, SOC2, NIST, etc.) and regulatory requirements.
* Have one or more certifications: GCIH, GIAC, CSA, CompTIA CySA+, or other relevant certifications.
#J-18808-Ljbffr