Ensign is hiring !

Key Responsibilities:

1. Leadership and Project Delivery

• Lead and mentor a team of Cyber Security Consultants and Engineers focused on Advanced Analytics technologies.
• Drive presales and delivery outcomes, ensuring successful execution of client projects on schedule and within scope.
• Oversee solution design, architecture validation, and deployment of SOC-related platforms (SIEM, SOAR, TIP, UEBA, Data Streaming, BAS etc)
• Manage project delivery milestones, resource planning, and technical quality assurance.
• Provide mentorship and technical enablement to junior engineers to enhance team capability and knowledge retention.

2. Technical Expertise and Advanced Analytics Engineering

• Serve as the Subject Matter Expert (SME) for the deployment, integration, and optimization of SOC technologies across cloud, on-premises, and hybrid environments.
• Develop and maintain advanced detection, correlation, and automation content across SIEM and SOAR platforms.
• Drive the development of Detection-as-Code and Automated Response Frameworks, integrating with AI/ML and Threat Intelligence pipelines.
• Support integration of data streaming technologies and real-time enrichment for large-scale analytics.
• Conduct architecture reviews and recommend improvements to strengthen security visibility and performance.

3. Presales and Solution Architecture

• Support pre-sales engagements by participating in technical discussions, proof-of-value (POV) exercises, and proposal development.
• Design and document solution architectures, bill of materials (BOMs), and scopes of work (SOWs) for tenders and enterprise bids.
• Conduct technical presentations, workshops, and demonstrations to prospective customers.
• Collaborate with sales teams to translate client needs into practical, scalable, and secure technical solutions.
• Identify, evaluate, and recommend new technologies relevant to Adaptive Defence and Detection for continuous SOC improvement.

4. Technical Governance and Support

• Establish governance processes for maintaining detection content, response workflows, and technology integrations.
• Provide post-sales technical support for troubleshooting, corrective actions, and preventive maintenance.
• Produce and maintain detailed technical documentation for deployments, configurations, and integrations.

Qualifications and Requirements:

• Bachelor’s Degree in Computer Science, Information Technology, or Cybersecurity (or equivalent experience).
• Minimum 7 years of experience in cybersecurity, with hands-on experience across multiple SOC technologies and platforms.
• Proven experience leading technical teams and managing large-scale cybersecurity projects involving multiple technologies.
• Deep technical knowledge of SOC platforms, especially:
  • SIEM/XDR/UEBA (Splunk, Elastic, Exabeam, Microsoft Sentinel, Google SecOps, Crowdstrike, Palo Alto XDR etc)
  • SOAR (XSOAR, Splunk SOAR, or equivalent)
  • TIP (Anomali, EclectiqIQ or other threat intelligence platforms)
  • BAS/Data Streaming (Cymulate, AttackIQ,Cribl, Confluent, etc.)
• Experience in DevSecOps, CI/CD automation, or Cloud environments (AWS, Azure, GCP).
• Strong analytical and troubleshooting skills; capable of resolving complex technical escalations.
• Excellent communication, presentation, and stakeholder engagement skills.
• Experience with project management practices and ability to manage competing priorities effectively.
• Security certifications such as SANS, ISC2, Splunk, Elastic, Microsoft Sentinel, or Cloud Security credentials are advantageous.
• A passion for cybersecurity innovation and developing high-performing technical teams.