Job Summary
Job Description
What is the Opportunity?
What will you do?
- Respond to and investigate complex security detections across multiple environments and technologies in a timely manner
- Provide 24/7 support (on a rotational basis) for high severity incidents escalated from security vendors, GCS partners and the business
- Perform technical investigation and triage activities of security alerts based on potential impact and risk to the organization
- Escalate confirmed threats to SOC management and the Incident Response team as required based on criticality
- Develop, distribute and present technical findings regarding threats, attack vectors and detection techniques
- Maintain awareness of detection trends and alert metrics in order to enhance our security controls and overall defensive strategy
- Derive insights from day-to-day cyber investigations to identify security gaps and improve the organization's security posture
- Partner with detection engineers to enhance security monitoring rules and reduce false positive alerts
- Collaborate with SOAR engineers to optimize and automate detection and response capabilities
- Document, mature and maintain Triage Standard Operating Procedures (SOP)
- Assist in the proactive hunting of unknown threats and suspicious activities within the environment as required
What do you need to succeed?
Must have:
- Minimum 3 years of experience in a SOC environment
- Significant experience in performing investigation and triage activities of security events
- Advanced understanding of SIEM platforms
- Solid knowledge of security tools (NDR, EDR, IDS/IPS, WAF, etc.)
- Exposure to malware and sandbox analysis
- Knowledge of cybersecurity frameworks (Cyber Kill Chain, NIST, MITRE ATT&CK, etc.)
- Robust computer networking & OS knowledge
- Availability for rotating pager duty support for after hours and holidays
- Excellent work ethic, problem-solving and verbal/written communication skills
Nice-to-have
- Experience with SOAR platforms
- Familiarity with threat hunting techniques and scenarios
- Knowledge in detection engineering
- Understanding of current threat landscape and threat actor TTPs
- Cloud security experience
- Experience with scripting languages (PowerShell, python, regex, bash, etc.)
- Some exposure to purple team activities
- Bachelor's degree in Computer Science or related field
- Industry recognized certifications from ISC2, SANS, ISACA, etc.
What's in it for you?
- A comprehensive Total Rewards Program including bonuses and flexible benefits, competitive compensation, commissions, and stock where applicable.
- Leaders who support your development through coaching and managing opportunities.
- Ability to make a difference and lasting impact.
- Work in a dynamic, collaborative, progressive, and high-performing team.
- Flexible work/life balance options.
- Opportunities to do challenging work.
- Opportunities to take on progressively greater accountabilities.
- Opportunities to build close relationships with clients.
Note: Applications will be accepted until 11:59 PM on the day prior to the application deadline date above.
Inclusion and Equal Opportunity Employment