SOC Presales Engineer

To apply: Please send a brief cover letter and your resume to

Role Overview

Nettitude operates a 24/7 Security Operations Center (SOC) in order to manage the detection and response of cyber security incidents on client networks. The Nettitude SOC is expanding its capacity across North America. As part of that expansion, there is a new vacancy for a Presales Engineer.

Role Description

The successful candidate will be able to bridge the gap between commercial and technical operations. Key areas of responsibility for this role include:

  • Presentations to potential clients, e.g. explaining Nettitude managed services.
  • Technical scoping to determine scope and pricing.
  • Business Intelligence Workshops, to ensure the client network and processes are fully understood prior to on-boarding.
  • Client on-boarding, including managing user acceptance milestones.
  • Production of high level reports detailing monthly client findings and operations.
  • Regular service reviews to ensure client satisfaction.

This is a demanding role that requires operational experience. The role is most suited to an experienced technical person who has started to move in a commercial direction. Initial and ongoing training will be provided to build on the right candidates experience levels.


The following skills are required for this role:

  • Strong written and verbal communication skills, including presentations.
  • Commercial awareness.
  • Ability to understand scope and requirements.
  • Defensive security, including hands on capabilities with at least one major SIEM and EDR product.
  • Common enterprise technologies, e.g. Active Directory.
  • Network architecture design and comprehension.
  • General cybersecurity technical skills and awareness.

Please note that robust technical skills are required for this role.


The following experience is strongly advised for this role:

  • At least five years of recent SOC experience.
  • Scoping and commercially modelling security solutions.
  • Assessing infrastructure and security risks within a client’s environment.
  • Host or network intrusion.
  • SOC Toolsets, e.g. LogRhythm or similar SIEM toolsets; Carbon Black, Tenable, etc.
  • IDS and IPS, e.g. Snort, Palo Alto, Checkpoint, etc.
  • Analysis of Event Logs, Active Directory and permissions-based control systems.
  • Windows and Linux Operating Systems and logging requirements.
  • Understanding of TCP/IP and underlying network protocols.


Nettitude does not have strict certification requirements and recognizes the value of experience. The following certification would be considered advantageous for this role.

  • CISSP, CISM, or CASP type certifications.
  • SIEM or EDR specific certification.
  • Cloud vendor certification; especially AWS and Azure.
  • Relevant SANS certification.
  • Any host or network intrusion certification.
  • Any other technical or commercial certification the candidate feels is relevant.

Higher education degrees, especially BSc and MSc, are desired but not mandatory.
Experience and current skills will be the primary factors in determining the right candidate for this role.

To apply: Please send a brief cover letter and your resume to