40 Soc Engineer jobs in Bahrain

• Design, implement, and manage Security Operations Center (SOC) infrastructure.
• Lead and mentor a team of SOC analysts.
• Architect, deploy, and tune SIEM, EDR, NDR, and other security detection tools.
• Develop and refine incident response procedures and playbooks.
• Conduct advanced threat hunting and forensic investigations.
• Integrate threat intelligence feeds into SOC workflows.
• Automate security operations processes using scripting and orchestration tools.
• Perform security monitoring and analysis of logs and alerts.
• Provide technical expertise during security incidents.
• Collaborate with IT and other teams to improve overall security posture.
• Stay current with emerging threats and security technologies.

• Bachelor's degree in Computer Science, Information Security, or a related field.
• Minimum of 7 years of experience in cybersecurity, with at least 3 years in a SOC engineering or leadership role.
• Proven experience designing, building, and operating SOC environments.
• In-depth knowledge of SIEM, EDR, NDR, firewalls, IDS/IPS, and other security technologies.
• Strong understanding of incident response methodologies, forensics, and threat hunting.
• Proficiency in scripting languages (e.g., Python, PowerShell).
• Excellent leadership, communication, and analytical skills.
• Relevant certifications such as GCIH, GCFA, CISSP, or OSCP are highly desirable.

• Developing and implementing threat intelligence programs to identify and track emerging cyber threats relevant to the organization.
• Conducting in-depth vulnerability assessments and penetration testing to identify security weaknesses.
• Leading and managing incident response activities, including containment, eradication, and recovery from security breaches.
• Analyzing security logs and events from various sources (SIEM, IDS/IPS, firewalls) to detect and respond to threats.
• Developing and maintaining incident response playbooks and procedures.
• Performing digital forensics investigations to determine the scope and impact of security incidents.
• Recommending and implementing security controls and best practices to mitigate identified risks.
• Collaborating with IT and business units to ensure security requirements are met.
• Staying up-to-date with the latest security threats, vulnerabilities, and mitigation techniques.
• Participating in security awareness training initiatives.
• Assisting in the development and refinement of the organization's overall security strategy.
• Monitoring security systems and responding to alerts in a timely manner.
• Generating detailed reports on security incidents, vulnerabilities, and recommendations.

• Bachelor's degree in Computer Science, Information Security, or a related field.
• 5+ years of experience in information security, with a focus on threat intelligence and incident response.
• Strong understanding of networking protocols, operating systems, and common attack vectors.
• Experience with SIEM tools (e.g., Splunk, QRadar), vulnerability scanners, and forensic tools.
• Relevant security certifications such as CISSP, CEH, GIAC, or OSCP are highly desirable.
• Proficiency in scripting languages (e.g., Python, PowerShell) for automation is a plus.
• Excellent analytical, problem-solving, and communication skills.
• Ability to work under pressure and manage critical incidents effectively.

This global leadership role in cyber security is to manage the Security Operations (SecOps) team responsible for design, implementation, and evolution of Canonical security practices, techniques, tools, systems, and policies. The team is the primary owner of strategy and practices that determine how Canonical secures its data, internal infrastructure, and build processes. They are responsible for assuring the security and integrity of our own infrastructure and product deployments. They design and implement technical security controls that ensure security threats are automatically identified, contained, and remediated. The team will also contribute ideas and requirements for Canonical product security, improving the resilience and robustness of all Ubuntu customers and users subject to cyber attack.

As a leader on cyber security in the company, the SecOps team manager will collaborate with our Organisational Learning and Development team to develop playbooks and facilitate SecOps training across Canonical. They will operate in a wider security organisation, run a high-performing security team, and improve Canonical's security posture. They will lead initiatives to integrate the team's insights into Canonical's broader software development process.

While this is a management position, we expect managers to be expert practitioners, able to lead by example, contribute at the highest level, and assess work based on their own professional experience and skill. Candidates should have deep, hands-on expertise with a range of open source and proprietary security tooling and practices, which they can integrate into a holistic next-generation security solution across the breadth of Canonical's interests.

The SecOps team's mission is not only to secure Canonical but also to contribute to the security of the wider open source ecosystem. They might share knowledge through public presentations and industry events, share threat intelligence with the wider community, or represent Canonical in sector-specific governance bodies.

This role reports to the CISO.

What you will do in this role:

• Hire and mentor a team of outstanding technical security professionals
• Define Canonical's SecOps security standards and playbooks
• Own and drive the architecture and design of the SOC
• Analyse and improve Canonical's security architecture
• Evaluate, select, and implement new security tools and practices
• Identify, contain, and guide the remediation of security threats and cyber attacks
• Grow the presence and thought leadership of Canonical SecOps practice
• Contribute to open source threat intelligence initiatives
• Drive threat modelling, tabletop exercises, and other SecOps practices across Engineering, IS, and Canonical
• Develop Canonical SecOps learning and development materials
• Publish blog posts, whitepapers, and conference presentations
• Identify, implement, and track SecOps KPIs
• Plan and deliver SecOps work within Canonical's agile engineering framework
• Work with Security leadership to present information and influence change

What we are looking for:

• Proven track record of mitigating threats from advanced threat actors and nation-states
• Expert technical understanding of SOCs from the ground up
• In-depth knowledge of SOC architecture and design, including strategies for logging, firewalls, network segmentation, honeypots, etc.
• Understanding how the SOC works, not just how to use it
• Expertise in Linux security
• Ability to define, implement, automate, and measure effective incident response playbooks
• Knowledge of security architecture and market-leading security tools
• Experience contributing to and consuming threat intelligence feeds
• Experience in security risk management frameworks such as NIST CSF
• An exceptional academic track record from high school and university
• Undergraduate degree in Computer Science or STEM, or a compelling narrative about your alternative path
• Drive and a track record of exceeding expectations
• Deep personal motivation to be at the forefront of technology security
• Leadership and management ability
• Excellent business English writing and presentation skills
• Confidence to report security performance metrics with accountability for accuracy and completeness

Optional things we value:

• Experience in offensive or defensive security teams with hands-on ability
• Experience with open source security tools
• Experience with security standards such as ISO 27001
• Experience with security posture management of corporate endpoints

We have opened several senior/staff Security Operations Engineer (SOC) positions, creating a new team reporting to the CISO. We are looking for a range of experience in these positions - at the high end we are looking for deep experience defending highly contested critical assets and high-value cyber targets against advanced persistent threats and state-level actors. We have more junior roles for exceptional individuals with a proven personal interest an engagement in cyber attack and defence, and outstanding academic and career performance even if experience is limited.

Our goal is to build an entirely new level of assurance and observable rigour into the open source supply chain. We have our own estate to monitor, but more broadly our goal is to raise the robustness of the entire global Ubuntu estate through the work of this team.

The Security Operations (SecOps) team is responsible for design, implementation and evolution of Canonical security practices, techniques, tools, systems and policies. The team is the primary owner of strategy and practices that determine how Canonical secures its data, internal infrastructure and build processes. They are responsible for assuring the security and integrity of our own infrastructure and product deployments. They design and implement technical security controls that ensure security threats are automatically identified, contained and remediated. The team will also contribute ideas and requirements for Canonical product security, improving the resilience and robustness of all Ubuntu customers and users subject to cyber attack.

The SecOps team's mission is not only to secure Canonical, but also to contribute to the security of the wider open source ecosystem. They might share knowledge through public presentations and industry events, and share threat intelligence with the wider community or represent Canonical in sector-specific governance bodies.

What you will do in this role:

• Implement and evolve Canonical's Security Operation Center
• Analyse and improve Canonical's security architecture
• Evaluate, select and implement new security tools and practices
• Identify, contain and guide the remediation of security threats and cyber attacks
• Grow the presence and thought leadership of Canonical SecOps practice
• Contribute to open source threat intelligence initiatives
• Drive threat modelling, table top exercises and other SecOps practices across Engineering, IS and Canonical
• Develop Canonical SecOps learning and development materials
• Publish blog posts, whitepapers and conference presentations
• Identify, implement and track SecOps KPIs
• Plan and deliver SecOps work in the framework of Canonical's agile engineering practice
• Work with Security leadership to present information and influence change
  
  

• An exceptional academic track record
• Undergraduate degree in Computer Science or STEM, or a compelling narrative about your alternative path
• Previous professional experience working or leading a Security Operation Center
• Deep personal motivation to be at the forefront of technology security
• Expertise in threat modelling and risk management frameworks
• Knowledge of security architecture and market-leading security tools
• Experience contributing to, and consuming, threat intelligence feeds
• Experience in security risk management frameworks such as NIST CSF and ISO27001
  
  

• Experience in a security operations team or a security operations centre (SOC)
• Experience in offensive or defensive security teams with hands-on ability
• Experience with state-actor and other advanced persistent threats
  
  

• Distributed work environment with twice-yearly team sprints in person
• Personal learning and development budget of USD 2,000 per year
• Annual compensation review
• Recognition rewards
• Annual holiday leave
• Maternity and paternity leave
• Employee Assistance Programme
• Opportunity to travel to new locations to meet colleagues
• Priority Pass, and travel upgrades for long haul company events
  
  

Join to apply for the Senior Security Operations Engineer role at Canonical

Continue with Google Continue with Google

3 months ago Be among the first 25 applicants

Join to apply for the Senior Security Operations Engineer role at Canonical

We have opened several senior/staff Security Operations Engineer (SOC) positions, creating a new team reporting to the CISO. We are looking for a range of experience in these positions - at the high end we are looking for deep experience defending highly contested critical assets and high-value cyber targets against advanced persistent threats and state-level actors. We have more junior roles for exceptional individuals with a proven personal interest an engagement in cyber attack and defence, and outstanding academic and career performance even if experience is limited.

Our goal is to build an entirely new level of assurance and observable rigour into the open source supply chain. We have our own estate to monitor, but more broadly our goal is to raise the robustness of the entire global Ubuntu estate through the work of this team.

The Security Operations (SecOps) team is responsible for design, implementation and evolution of Canonical security practices, techniques, tools, systems and policies. The team is the primary owner of strategy and practices that determine how Canonical secures its data, internal infrastructure and build processes. They are responsible for assuring the security and integrity of our own infrastructure and product deployments. They design and implement technical security controls that ensure security threats are automatically identified, contained and remediated. The team will also contribute ideas and requirements for Canonical product security, improving the resilience and robustness of all Ubuntu customers and users subject to cyber attack.

The SecOps team's mission is not only to secure Canonical, but also to contribute to the security of the wider open source ecosystem. They might share knowledge through public presentations and industry events, and share threat intelligence with the wider community or represent Canonical in sector-specific governance bodies.

What you will do in this role:

• Implement and evolve Canonical's Security Operation Center
• Analyse and improve Canonical's security architecture
• Evaluate, select and implement new security tools and practices
• Identify, contain and guide the remediation of security threats and cyber attacks
• Grow the presence and thought leadership of Canonical SecOps practice
• Contribute to open source threat intelligence initiatives
• Drive threat modelling, table top exercises and other SecOps practices across Engineering, IS and Canonical
• Develop Canonical SecOps learning and development materials
• Publish blog posts, whitepapers and conference presentations
• Identify, implement and track SecOps KPIs
• Plan and deliver SecOps work in the framework of Canonical's agile engineering practice
• Work with Security leadership to present information and influence change
  
  

• An exceptional academic track record
• Undergraduate degree in Computer Science or STEM, or a compelling narrative about your alternative path
• Previous professional experience working or leading a Security Operation Center
• Deep personal motivation to be at the forefront of technology security
• Expertise in threat modelling and risk management frameworks
• Knowledge of security architecture and market-leading security tools
• Experience contributing to, and consuming, threat intelligence feeds
• Experience in security risk management frameworks such as NIST CSF and ISO27001
  
  

• Experience in a security operations team or a security operations centre (SOC)
• Experience in offensive or defensive security teams with hands-on ability
• Experience with state-actor and other advanced persistent threats
  
  

• Distributed work environment with twice-yearly team sprints in person
• Personal learning and development budget of USD 2,000 per year
• Annual compensation review
• Recognition rewards
• Annual holiday leave
• Maternity and paternity leave
• Employee Assistance Programme
• Opportunity to travel to new locations to meet colleagues
• Priority Pass, and travel upgrades for long haul company events
  
  

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Information Technology
• Industries Software Development

Referrals increase your chances of interviewing at Canonical by 2x

Manama, Capital Governorate, Bahrain 3 months ago

Manama, Capital Governorate, Bahrain 4 weeks ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

• Monitor security alerts and events from various security tools (SIEM, IDS/IPS, EDR, etc.).
• Conduct in-depth investigations into security incidents, determining scope, cause, and impact.
• Develop and execute incident response plans and procedures.
• Perform threat hunting to proactively identify and neutralize advanced threats.
• Analyze malware, phishing attempts, and other cyberattack methodologies.
• Manage, configure, and optimize security monitoring tools.
• Develop and maintain security operational playbooks and runbooks.
• Contribute to vulnerability management and risk assessment processes.
• Collaborate with IT teams to implement security controls and remediation measures.
• Stay current with the latest cybersecurity threats, trends, and technologies.
• Prepare and present detailed reports on security incidents and operational activities.

• Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field.
• Minimum of 5 years of experience in cybersecurity operations or incident response.
• Strong knowledge of SIEM platforms, intrusion detection/prevention systems, and endpoint detection and response (EDR) solutions.
• Expertise in network security, operating systems (Windows, Linux), and common security vulnerabilities.
• Experience with threat intelligence platforms and frameworks (e.g., MITRE ATT&CK).
• Excellent analytical, problem-solving, and critical thinking skills.
• Ability to work effectively under pressure and manage multiple concurrent investigations.
• Strong written and verbal communication skills.
• Relevant certifications such as CISSP, GIAC, CEH are highly preferred.

• Monitor security alerts and events from various sources, including SIEM, IDS/IPS, firewalls, and endpoints.
• Analyze security incidents to determine their scope, impact, and root cause.
• Develop and execute incident response plans, containing and eradicating threats.
• Conduct forensic investigations and provide detailed reports on security breaches.
• Identify and analyze vulnerabilities in systems and applications, recommending mitigation strategies.
• Develop and implement security best practices, policies, and procedures.
• Stay current with the latest threat intelligence, attack vectors, and security technologies.
• Configure and tune security tools to optimize detection capabilities.
• Collaborate with IT teams to implement security controls and remediate vulnerabilities.
• Participate in security awareness training programs for employees.
• Contribute to the development and maintenance of the Security Operations Center (SOC) playbooks.
• Perform regular security assessments and penetration testing.
• Develop and present security metrics and reports to management.

• Bachelor's degree in Computer Science, Information Security, or a related field. Relevant certifications (e.g., CISSP, GSEC, CEH) are highly desirable.
• Minimum of 5 years of experience in Security Operations Center (SOC) analysis, incident response, or cybersecurity.
• Proven expertise in SIEM platforms (e.g., Splunk, QRadar, ArcSight) and security monitoring tools.
• Strong understanding of networking protocols, operating systems, and cybersecurity frameworks (e.g., NIST, ISO 27001).
• Experience with incident response methodologies and digital forensics.
• Proficiency in scripting languages (e.g., Python, PowerShell) for automation is a plus.
• Excellent analytical, problem-solving, and critical thinking skills.
• Strong communication and interpersonal skills, with the ability to explain complex technical issues to non-technical audiences.
• Ability to work independently and as part of a team in a high-pressure environment.
• Willingness to work rotating shifts or on-call as needed.

• Design, deploy, and manage security infrastructure, including SIEM, SOAR, firewalls, IDS/IPS, and endpoint security solutions.
• Develop and tune security detection rules and alerting mechanisms.
• Monitor security systems for threats and anomalies, and lead incident response efforts.
• Conduct threat hunting activities to proactively identify and mitigate security risks.
• Perform vulnerability assessments and work with IT teams to remediate findings.
• Develop and maintain security automation scripts and playbooks.
• Collaborate with engineering and IT teams to integrate security into the development lifecycle.
• Stay current with the latest cybersecurity threats, vulnerabilities, and defensive techniques.
• Contribute to the development and maintenance of security policies and procedures.
• Provide technical guidance and mentorship to junior security analysts.
• Participate in security audits and compliance initiatives.

• Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field.
• 5+ years of experience in security operations, incident response, or security engineering.
• Expertise in configuring and managing SIEM platforms (e.g., Splunk, LogRhythm, QRadar).
• Strong experience with security automation tools and scripting languages (e.g., Python, PowerShell).
• In-depth knowledge of networking protocols, operating systems, and cloud security.
• Experience with EDR, DLP, and vulnerability management solutions.
• Relevant security certifications (e.g., CISSP, GIAC, CCSE) are highly desirable.
• Excellent analytical, problem-solving, and critical-thinking skills.
• Strong communication and collaboration abilities.
• Ability to work effectively in a hybrid work environment.