Jr SOC Engineer

RATP Dev

Monitor and analyze security alerts from multiple sources, including SIEM, firewalls, IDS/IPS, and antivirus tools.

Investigate and respond to security incidents, such as malware infections, phishing attacks, and unauthorized access.

Escalate high-priority incidents to the Cybersecurity Engineer based on severity and defined playbooks.

Assist in containment, eradication, and recovery efforts during active incidents.

Analyzing event logs from endpoints, servers, applications, and network devices to identify anomalies and indicators of compromise (IOCs).

Tune SIEM use cases and correlation rules to reduce false positives and improve detection accuracy.

Maintain and enrich threat detection content with relevant threat intel and attack patterns (e.g., MITRE ATT&CK framework).

Assist in enforcing access controls and security policies.

Work alongside IT teams to uphold system and network security standards.

Support compliance with relevant cybersecurity frameworks (e.g., ISO 27001, NIST, GDPR).

Assist in audits, documentation, and risk assessments.

Liaise with IT, security, and business teams to apply effective security controls.

Contribute to the preparation of reports on incidents of the cybersecurity system status.

Stay informed on evolving cybersecurity threats and industry developments.

Recommend and assist in implementing security improvements and best practices.

Promote a positive safety culture within the workplace and attend any safety-related meetings or briefings as required within the job role.

Comply with the requirements of RDMC RQHSE Policy and Safety Management System.

Be mindful that Safety, Security, and Environmental protection are everyone s responsibility.

All staff members are accountable for reporting and intervening in any Safety, Security, or Environmental violations.

Perform other related duties as assigned in support of overall cybersecurity operations.