What are the responsibilities and job description for the Senior SOC Engineer position at Mantis Security Corporation?
Description
Mantis Security is seeking a Senior SOC Engineer to support cybersecurity operations within a cloud-enabled, mission-critical environment. This is a hands-on defensive role focused on monitoring, detection, and incident response.
The engineer will operate within a SOC/MDT, working with infrastructure teams to identify threats, investigate incidents, and improve detection capabilities. This role emphasizes execution and technical depth rather than leadership.
Key Responsibilities
- Perform security monitoring, alert triage, and incident response
- Investigate events to determine scope, impact, and root cause
- Execute containment, eradication, and recovery actions
- Conduct log analysis using SIEM tools (Splunk, OpenSearch, etc.)
- Develop and tune detections, correlation rules, and dashboards
- Perform threat hunting using hypothesis-driven approaches
- Analyze network traffic and system activity for threats
- Support vulnerability management and remediation efforts
- Document incidents and findings through clear reporting
- Collaborate with engineering teams to improve visibility and security posture
- Contribute to ATO packages and RMF artifacts
Tools and Technologies
- SIEM: Splunk, OpenSearch, Elastic
- Cloud: AWS Commercial and GovCloud
- Network Security: Firewalls, IDS/IPS
- Vulnerability Management: Nessus, ACAS
- Monitoring: GuardDuty, Security Hub
- Analysis Tools: Wireshark, tcpdump
This is a senior individual contributor role focused on executing SOC operations, improving detections, and strengthening defensive capabilities. It does not include team leadership or organizational responsibilities.
Requirements
Required Qualifications
- Active TS/SCI clearance
- 10 years of experience in SOC, cyber defense, or incident response
- Experience with security monitoring, investigation, and network defense
- Strong network fundamentals (routing, segmentation, firewalls, packet flow, SD-WAN)
- Proficiency with SIEM/log analysis platforms
- Experience contributing to RMF / compliance requirements
- Strong written communication skills
- Security+ (or IAT Level II equivalent)
- Background in cyber defense, detection engineering, cloud, or network security
- Experience with AWS security tools (CloudTrail, GuardDuty, Security Hub, Config, IAM Access Analyzer, CloudWatch)
- Experience with vulnerability management tools (ACAS, Nessus, Tenable)
- Experience with threat hunting methodologies
- Familiarity with IDS/IPS, EDR, and network security tools
- Exposure to forensic analysis tools and techniques