SOC Engineer at Equity Bank Kenya

The Security Operations Center (SOC) Engineer plays a critical role in protecting the Bank’s information systems and data by continuously monitoring, analyzing, and responding to cyber security threats. Operating within a 24x7x365 SOC environment, the role is responsible for investigating correlated security events, identifying and escalating security incidents, and serving as a primary point of contact for suspected cyber security incidents. The SOC Engineer works closely with internal remediation and technical teams to coordinate effective incident response, contain and resolve threats, and strengthen the Bank’s cyber defence posture. This role requires strong hands-on technical expertise across multiple security domains, combined with the ability to communicate clearly and influence both technical and business stakeholders to ensure timely and effective security outcomes.

Key Responsibilities

• Support, troubleshoot, configure, manage, and upgrade SIEM, NTA, AV, DLP, Email Security, VPN, WAF and a wide variety of other security products.
• Perform network troubleshooting to isolate and diagnose common network problems, using strong TCP/IP networking skills.
• Installation, setup / configuration, troubleshooting, Tuning, diagnostics, and maintenance of IT security related equipment.
• Carry out proactive and reactive administration on Networking and associated applications Ensure adherence to process
• Respond to inbound requests via phone and other electronic means for technical assistance with managed devices.
• Respond in a timely manner (within documented SLA) to configuration, maintenance, incident management, and other requests.
• Document actions in ticketing system to effectively communicate information internally and to customers.
• Implement Policy Changes.
• Automation of Tasks to reduce manual operations.
• Troubleshoot L2/3 escalated issues and be a single point of contact for management of current security Infrastructure.
• Handle Network Security/Application Security/Security vulnerability management and Infrastructure risks
• Efficiently handles operations and analysis of Security Incidents.
• Design, implement, enhance, and manage Security Infrastructure.

Accountabilities and Deliverables

• Security monitoring and incident response
• Security tools operation and optimization
• Threat detection and analysis
• Network and infrastructure security management
• Vulnerability and risk management
• Automation and continuous improvement
• Incident documentation and reporting
• Stakeholder collaboration and communication

Qualifications

​​​​​​​Key Technical Skills

• Monitoring, analyzing, and responding to security threats
• Configuration, management, troubleshooting, tuning, and maintenance of security tools and infrastructure
• SIEM tool configuration and management
• Network troubleshooting using strong TCP/IP networking skills
• Incident response, intrusion methods, and attack monitoring
• Threat and vulnerability management
• Network security, application security, and infrastructure risk handling
• Automation of tasks using scripting languages (Python, Bash, PowerShell)

Experience Requirements

• Minimum of 5 years’ work experience in an Information Security operational role
• Hands-on experience working in a 24x7x365 Security Operations Center (SOC) environment
• Practical experience in configuration and management of server, network, cloud, and security appliances
• Strong experience in security monitoring, analysis, and incident response
• Experience in SIEM configuration and management