Senior Security Specialist – CSOC Operations

Roles & Responsibilities

• Log Source Integration & Troubleshooting – Integrate firewalls, servers, endpoints, and cloud services into SIEM. Validate parsing, normalization, and correlation rules. Troubleshoot ingestion issues ensuring data integrity.
• Service Ticket Management – Handle escalations from CSOC team. Ensure timely resolution, documentation, and act as escalation point for complex cases.
• Daily Administrative Tasks – Perform SOC tool health checks, generate daily operational reports, and coordinate with internal teams on incidents and changes.
• Malware & Threat Incident Handling – Respond to virus, worm, spyware, and malware incidents. Provide remediation, conduct root cause analysis, and implement preventive measures.
• Incident Validation & Analysis – Collaborate with CSOC team for deep analysis. Recommend mitigation strategies and act as escalation point for device/user issues.
• Incident Response & Mitigation – Execute containment, eradication, and recovery actions. Document all steps for compliance and audit readiness.
• Coordination & Communication – Work closely with internal IT/security teams and OEM CSOC for escalations, updates, and activity tracking.
• Quality & Risk Monitoring – Monitor compliance with organizational security standards and regulatory requirements.
• Solution Implementation – Deploy approved solutions, validate integration with CSOC infrastructure, and ensure successful rollout.
• Third-Party Integration – Integrate additional network, security, and cloud solutions with SOC platform ensuring compatibility and functionality.

Key Skills

• Strong knowledge of Linux & Windows OS, Databases, and Network Management Software.
• Expertise in Endpoint Protection, EDR, Threat Hunting, and Forensics solutions.
• Excellent troubleshooting, documentation, and communication skills.