Jobiglo

SOC Engineer for NATO (Security Clearance Required)

Work Life Group NL · La Spezia

New
Mid 🇬🇧 English
Trellix Endpoint Security Splunk Tenable Nessus Sonatype Nexus MITRE ATT&CK NIST 800-61 ISO 27035 TCP/IP DNS HTTP/S SMTP Python PowerShell Bash

Job description

About the role

The successful candidate will protect, monitor, and defend the organization’s technology infrastructure and data assets. This position works within a Security Operations Center supporting NATO‑related missions and requires a valid security clearance.

Key responsibilities

  • Monitor and analyse security events using Splunk SIEM, correlating data from endpoints, network, and vulnerability systems.
  • Operate Trellix Endpoint Security and EDR to detect, contain, and remediate endpoint threats.
  • Run and review Tenable Nessus vulnerability scans and coordinate remediation with IT teams.
  • Manage secure software components through Sonatype Nexus, identifying vulnerable dependencies and supporting DevSecOps pipelines.
  • Participate in incident response activities: detection, triage, containment, eradication, and recovery.
  • Develop and maintain Splunk detection rules, dashboards, and automated alerts aligned with the MITRE ATT&CK framework.
  • Document security events, maintain SOC playbooks, and support ISO 27001, NIST CSF, and GDPR compliance audits.
  • Provide situational‑awareness reports and risk insights to management and stakeholders.
  • Propose new use cases and optimise detection coverage to continuously improve the SOC.

Required profile

  • Minimum three years of experience in Cybersecurity Operations, SOC analysis, or Incident Response.
  • Hands‑on experience with Trellix EDR/ePO, Splunk SIEM, Tenable Nessus, and Sonatype Nexus.
  • Strong understanding of threat detection, incident handling, and vulnerability management processes.
  • Familiarity with network protocols (TCP/IP, DNS, HTTP/S, SMTP) and log analysis techniques.
  • Knowledge of MITRE ATT&CK, NIST 800‑61, and ISO 27035 frameworks.
  • Ability to manage multiple incidents in a fast‑paced environment.

Required skills

  • Trellix Endpoint Security / ePO
  • Splunk SIEM
  • Tenable Nessus
  • Sonatype Nexus
  • MITRE ATT&CK framework
  • NIST 800‑61 incident handling
  • ISO 27035 incident management
  • TCP/IP, DNS, HTTP/S, SMTP protocols
  • Python, PowerShell, Bash (for automation)

Frequently asked questions

The salary is not publicly disclosed by the recruiter. You can apply and negotiate directly with Work Life Group NL.
Click "Apply now" at the top of the page. You can upload your CV in one click; Jobiglo automatically extracts your information and applies for you.

Published 1 day ago

Expires in 1 month

11 views · 0 applications
