Senior SOC Engineer

🇮🇳 India

Metro Global Solution Center (MGSC) is the internal solution partner for METRO, a €31 Billion international wholesaler with operations in more than 30 countries. The store network comprises a total of 623 stores in 21 countries, of which 522 offer out-of-store delivery (OOS), and 94 dedicated depots. In 12 countries, METRO runs only the delivery business through its delivery companies (Food Service Distribution, FSD).

 

HoReCa and Traders are core customer groups of METRO. The HoReCa section includes hotels, restaurants, catering companies as well as bars, cafés and canteen operators. The Traders section includes small grocery stores and kiosks. The majority of all customer groups are small and medium-sized enterprises as well as sole traders. METRO helps them manage their business challenges more effectively. 

 

MGSC is located in Pune (India), Düsseldorf (Germany) and Szczecin (Poland). We provide HR, Finance, IT & Business operations support to 31 countries, speak 24+ languages and process over 18,000 transactions a day. We are setting tomorrow’s standards for customer focus, digital solutions, and sustainable business models. For over 10 years, we have been providing services and solutions from our two locations in Pune and Szczecin. This has allowed us to gain extensive experience in how we can best serve our internal customers with high quality and passion. We believe that we can add value, drive efficiency, and satisfy our customers.

●As a Senior SOC Engineer in the Cyber Defense Operations Center (CDOC), you will work in the Detection and Response Engineering team with a focus on XDR, SIEM and SOAR technologies. You’ll be responsible for helping the SOC Specialist in integrating log sources, reviewing and developing use cases and response playbooks.

●This role requires in-depth knowledge of custom parsing, Python scripting, regex, API integration and playbook creation, so experienced Software Developers and people from similar hands-on roles are also welcome to apply.

Qualification:

●Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.

●4-7 years of total experience in SecOps/DevOps, in a large multi-national organization or in a known MSSP. In addition, the candidate should possess at least 3 years of working experience in automation, integration and custom parser creation for SecOps/DevOps tools like SIEM, SOAR or ITSM tools.

●Lateral joiners from other hands-on information technology roles are highly welcome to apply!

Experience 

●Design and build custom parsers for diverse log formats, threat feeds, and telemetry sources.

●Develop integration guides for connecting security tools with external systems (e.g., cloud platforms, identity providers, ticketing systems).

●Write technical documentation for parser configuration, schema mapping, normalization, and enrichment workflows.

●Test and validate parser outputs to ensure accurate data extraction and ingestion.

●Continuously improve SIEM/SOAR/XDR alert use cases and detection logic.

●Create tutorials and walkthroughs for parser development using Python, Regex, and AI prompts.

●Collaborate with the overall Cyber Defense team to capture use cases, edge cases, and operational needs.

●Maintain integration documentation for REST APIs, webhooks, and SDKs across security platforms.

 

Technical & Soft Skills:

 

●Proven experience in technical writing and content creation for security products.

●Hands-on expertise in log parsing, data normalization, and custom parser development.

●Proficient with SIEM platforms, log formats (JSON, Syslog, XML), parsing tools (Regex, Logstash) and AI prompting.

●Skilled in REST APIs, JSON schemas, and integration workflows.

●Familiar with cloud-native security tools (AWS GuardDuty, Azure Sentinel, Google Chronicle).

●Competent in using Git, Markdown, and documentation platforms (e.g., Confluence, DITA).

●Strong ability to translate complex technical concepts into clear, actionable content.

●Experienced in producing executive summaries and detailed technical SOPs.

●Effective team collaborator with strong communication skills.

by @maxrusakovic