Job Description
Company: VaporVM
Location: AE
Job Description:
Job Summary
We are seeking a highly experienced and results-driven Principal Information Security Engineer / SOC Lead to lead advanced cybersecurity operations, threat detection, and data protection initiatives. The ideal candidate will have deep expertise in SOC operations, SIEM, Microsoft XDR ecosystem, DLP, DevSecOps, and cloud security, with proven experience in leading teams, managing incidents, and strengthening enterprise security posture.
Key Responsibilities
Security Operations & Incident Response
Lead Tier-2 SOC operations, ensuring continuous monitoring and rapid response to security incidents
Perform in-depth analysis of security alerts, logs, and threat intelligence feeds
Conduct threat hunting using advanced tools such as Microsoft Defender XDR
Lead incident response activities, including root cause analysis and forensic investigations
Ensure timely escalation and resolution of incidents in line with SLA requirements
SIEM, XDR & Security Monitoring
Design, deploy, and manage SIEM solutions (e.g., IBM QRadar, Microsoft Sentinel)
Manage and optimize Microsoft XDR stack:
Microsoft Defender for Endpoint
Microsoft Defender for Identity
Microsoft Defender for Cloud
Microsoft Defender for O365
Develop and fine-tune detection rules, use cases, and correlation logic
Integrate threat intelligence feeds to enhance detection capabilities
Maintain dashboards and reporting for management visibility
Data Loss Prevention (DLP) & Compliance
Lead end-to-end DLP program, including strategy, deployment, and governance
Define and manage DLP policies, classification, and data protection controls
Handle DLP incidents, investigations, and remediation
Ensure compliance with global data protection regulations (EU/US) and industry best practices
Generate executive reports on DLP metrics, risks, and effectiveness
Cloud Security & DevSecOps
Monitor and secure cloud environments (Azure, AWS) using tools like Azure Monitor and AWS CloudWatch
Implement DevSecOps practices and integrate security into CI/CD pipelines
Conduct code reviews and vulnerability assessments for secure application deployment
Secure microservices architecture through authentication, authorization, and encryption
Vulnerability Management & Security Testing
Perform Vulnerability Assessment & Penetration Testing (VAPT)
Identify, assess, and remediate vulnerabilities across infrastructure and applications
Conduct risk assessments and recommend mitigation strategies
Security Tools & Infrastructure Management
Manage and optimize enterprise security tools including:
Imperva WAF (web application protection)
CyberArk PAM (privileged access management)
Microsoft Intune (endpoint and device management)
Microsoft Purview (DLP, compliance, insider risk)
Fortinet Firewalls & VPNs
Forescout NAC (network access control)
Zscaler (Zero Trust & secure access)
Ensure continuous improvement, health checks, and performance optimization
Leadership & Collaboration
Lead and mentor SOC and DLP teams
Collaborate with IT, DevOps, and business stakeholders during incidents and projects
Manage vendor relationships and evaluate new security technologies
Support audits and regulatory compliance initiatives
Required Skills & Qualifications
Master's or Bachelor's degree in Information Security, Cybersecurity, or related field
6-10+ years of experience in cybersecurity, SOC, or information security roles
Strong expertise in:
SIEM (QRadar, Sentinel)
Microsoft XDR & Defender suite
DLP solutions (Forcepoint, Microsoft Purview)
Cloud security (Azure, AWS)
DevSecOps & CI/CD security
Hands-on experience with:
WAF, PAM, EDR/XDR, Firewalls, NAC, Zero Trust solutions
Strong knowledge of:
Networking, Active Directory, Linux
Threat intelligence, incident response, and forensics
Excellent analytical, problem-solving, and communication skills
Source: Naukrigulf