SOC Engineer

About Flash

Flash is an early-stage Cairo-based fintech aiming to support our society’s financial well-being, one person at a time.
Flash has raised a $6M seed round from leading international investors and is approved by the Central Bank of Egypt in partnership with Banque Misr.
Our founding team has deep local and international experience working at top consumer-facing technology companies.

Position Overview

We are seeking a Security Operations Engineer to own the management and operation of our centralized logging and Security Information and Event Management (SIEM) platform. This role ensures that logs from critical systems are collected, monitored, and retained in compliance with security and regulatory requirements (SOC 2, PCI DSS, ISO 27001). The engineer will work closely with teams to detect threats, investigate incidents, and provide evidence for audits.

Key Responsibilities

• 
  Log Management & Retention

  • Configure and maintain log collection from servers, endpoints, applications, and cloud environments.

  • Ensure retention policies are enforced.

  • Regularly review log completeness and integrity.

• SIEM Administration

  • Manage SIEM platform (e.g., Wazuh, CrowdStrike Falcon).

  • Develop and maintain dashboards, alerts, and correlation rules.

  • Tune alerts to minimize false positives.

• Security Monitoring & Detection

  • Monitor SIEM alerts for indicators of compromise, misuse, or anomalies.

  • Investigate and escalate security incidents as required.

• Compliance & Audit Support

  • Provide logs, reports, and screenshots of configurations as audit evidence.

  • Support User Access Reviews (UARs) and log retention evidence for SOC 2.

  • Document processes for log and SIEM management.

• Incident Response

  • Support forensic investigations through log correlation and analysis.

  • Assist in root cause analysis and incident postmortems.

Qualifications

• 
  Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or related field (or equivalent experience).

• 3+ years experience in SIEM administration and log management.

• Hands-on experience with at least one SIEM platform (Wazuh, ELK/Opensearch, CrowdStrike Falcon).

• Strong knowledge of log formats (syslog, JSON, Windows Event Logs).

• Familiarity with compliance frameworks (SOC 2, PCI DSS, ISO 27001).

• Understanding of networking, Linux/Windows administration, and security concepts.

• Experience with scripting/automation.

• Strong analytical and problem-solving skills.

sAz5xPeObS