Job Description

Ensign is hiring !
Key Responsibilities
1. Technical Leadership and DeliveryProvide hands-on technical leadership in the design, deployment, and optimization of SOC-related technologies (SIEM, SOAR, TIP, UEBA, BAS, Data Streaming, etc.). Act as the technical authority for solution design, integration, and performance validation across hybrid and multi-cloud environments. Lead complex client implementations, ensuring solutions meet functional and security requirements. Mentor and guide engineers in advanced SOC technologies, detection engineering, and automation best practices. Support project managers in technical planning, risk mitigation, and quality assurance.

2. Advanced Analytics EngineeringDevelop and fine-tune advanced detection, correlation, and automation content for SOC platforms. Build and enhance Detection-as-Code and Automated Response Frameworks, integrating with AI/ML and Threat Intelligence pipelines. Design and implement scalable data pipelines and enrichment workflows to support large-scale analytics. Conduct architecture and performance reviews to continuously improve visibility, detection fidelity, and response efficiency.

3. Presales and Solution DesignCollaborate with sales and solution teams to participate in technical discussions, proof-of-value (POV) exercises, and proposal development. Design solution architectures, prepare BOMs, and develop scopes of work (SOWs) for client proposals and tenders. Deliver technical presentations, demonstrations, and workshops to clients and prospects. Evaluate emerging technologies and recommend innovations to enhance SOC capabilities.

4. Technical Governance and SupportEstablish and maintain governance frameworks for detection content, response playbooks, and integrations. Provide advanced troubleshooting and escalation support for complex SOC environments. Develop and maintain detailed technical documentation, configuration baselines, and operational guides.

Qualifications and RequirementsBachelor's Degree in Computer Science, Information Technology, or Cybersecurity, or equivalent experience. 5-8 years of hands-on cybersecurity experience, including deployment and management of SOC technologies. Proven technical leadership in SOC engineering or advanced analytics domains. Deep expertise in at least two of the following: + SIEM/XDR/UEBA: Splunk, Elastic, Exabeam, Microsoft Sentinel, Google SecOps, Crowdstrike, Palo Alto XDR
+ SOAR: Cortex XSOAR, Splunk SOAR, or equivalents
+ TIP: Anomali, EclectiqIQ, or similar platforms
+ BAS/Data Streaming: Cymulate, AttackIQ, Cribl, Confluent, etc.
Experience with DevSecOps, CI/CD automation, or Cloud environments (AWS, Azure, GCP). Strong problem-solving and troubleshooting skills, capable of resolving complex technical escalations. Excellent communication and documentation skills; comfortable engaging with technical and non-technical stakeholders. Professional certifications such as SANS, ISC2, Splunk, Elastic, or Cloud Security credentials are advantageous. * A passion for cybersecurity innovation, continuous learning, and elevating technical standards across the team.