Summary

Your role:

1. Monitor and analyze security events in real time using SIEM, EDR, DLP, UEBA,and IDS/IPS tools.
2. Lead investigations into complex security incidents and coordinate effective response actions.
3. Develop and fine-tune detection rules based on the MITRE ATT&CK framework.
4. Automate response workflows using SOAR platforms and scripting languages like Python or PowerShell.
5. Collaborate with cross-functional teams to strengthen infrastructure and application security.
6. Integrate threat intelligence into detection systems to proactively mitigate risk.
7. Mentor junior analysts and contribute to developing SOC documentation and playbooks.
8. Support audits, reporting, and compliance activities with evidence-based practices.

What makes you stand out:

1. Proven Experience: 4+ years working in a Security Operations Center or hands-on cybersecurity role with demonstrated incident response leadership.
2. Technical Expertise: Deep knowledge of SIEM platforms (e.g., Splunk, Sentinel), EDR tools (e.g., CrowdStrike, SentinelOne), log analysis, and scripting.
3. Security Acumen: Strong understanding of network protocols, cloud security (AWS, Azure, GCP), endpoint forensics, and attacker TTPs.
4. Certifications (Preferred but not required): GIAC (e.g., GCIA, GCIH, GCFA), OSCP, CISSP, or equivalent.
5. Threat Framework Familiarity: Confident working with MITRE ATT&CK, NIST, Cyber Kill Chain, etc.
6. Automation Enthusiast: Comfortable building custom SOAR playbooks and using scripting to improve SOC workflows.
7. Mentorship Mindset: Experience guiding junior team members, sharing knowledge, and fostering a high-performance culture.
8. Clear Communicator: Strong written and verbal skills to clearly explain complex security issues to both technical and non-technical audiences.

Skills

• Analytical Thinking
• Communications Skills
• Development
• Leadership
• Operations
• Software Engineering
• Team Collaboration