Job Description

Ensign is hiring !
Key Responsibilities:
1. Leadership and Project DeliveryLead and mentor a team of Cyber Security Consultants and Engineers focused on Advanced Analytics technologies. Drive presales and delivery outcomes, ensuring successful execution of client projects on schedule and within scope. Oversee solution design, architecture validation, and deployment of SOC-related platforms (SIEM, SOAR, TIP, UEBA, Data Streaming, BAS etc) Manage project delivery milestones, resource planning, and technical quality assurance. Provide mentorship and technical enablement to junior engineers to enhance team capability and knowledge retention.

2. Technical Expertise and Advanced Analytics EngineeringServe as the Subject Matter Expert (SME) for the deployment, integration, and optimization of SOC technologies across cloud, on-premises, and hybrid environments. Develop and maintain advanced detection, correlation, and automation content across SIEM and SOAR platforms. Drive the development of Detection-as-Code and Automated Response Frameworks, integrating with AI/ML and Threat Intelligence pipelines. Support integration of data streaming technologies and real-time enrichment for large-scale analytics. Conduct architecture reviews and recommend improvements to strengthen security visibility and performance.

3. Presales and Solution ArchitectureSupport pre-sales engagements by participating in technical discussions, proof-of-value (POV) exercises, and proposal development. Design and document solution architectures, bill of materials (BOMs), and scopes of work (SOWs) for tenders and enterprise bids. Conduct technical presentations, workshops, and demonstrations to prospective customers. Collaborate with sales teams to translate client needs into practical, scalable, and secure technical solutions. Identify, evaluate, and recommend new technologies relevant to Adaptive Defence and Detection for continuous SOC improvement.

4. Technical Governance and SupportEstablish governance processes for maintaining detection content, response workflows, and technology integrations. Provide post-sales technical support for troubleshooting, corrective actions, and preventive maintenance. Produce and maintain detailed technical documentation for deployments, configurations, and integrations.

Qualifications and Requirements:Bachelor's Degree in Computer Science, Information Technology, or Cybersecurity (or equivalent experience). Minimum 7 years of experience in cybersecurity, with hands-on experience across multiple SOC technologies and platforms. Proven experience leading technical teams and managing large-scale cybersecurity projects involving multiple technologies. Deep technical knowledge of SOC platforms, especially: + SIEM/XDR/UEBA (Splunk, Elastic, Exabeam, Microsoft Sentinel, Google SecOps, Crowdstrike, Palo Alto XDR etc)
+ SOAR (XSOAR, Splunk SOAR, or equivalent)
+ TIP (Anomali, EclectiqIQ or other threat intelligence platforms)
+ BAS/Data Streaming (Cymulate, AttackIQ,Cribl, Confluent, etc.)
Experience in DevSecOps, CI/CD automation, or Cloud environments (AWS, Azure, GCP). Strong analytical and troubleshooting skills; capable of resolving complex technical escalations. Excellent communication, presentation, and stakeholder engagement skills. Experience with project management practices and ability to manage competing priorities effectively. Security certifications such as SANS, ISC2, Splunk, Elastic, Microsoft Sentinel, or Cloud Security credentials are advantageous. * A passion for cybersecurity innovation and developing high-performing technical teams.