Description

Role Responsibilities
• Monitor SIEM alerts (Splunk, QRadar) and triage incidents across client environments
• Lead incident response investigations from detection through containment and recovery
• Tune detection rules to reduce false positives and surface real threats faster
• Perform threat hunting based on MITRE ATT&CK tactics and threat intelligence
• Document findings in clear post-incident reports for client stakeholders
• Contribute to SOC automation using SOAR platforms (Cortex XSOAR, Splunk Phantom)
Essential Skills
• 3+ years in a SOC, incident response, or blue team role
• Hands-on experience with at least one major SIEM (Splunk, QRadar, Sentinel)
• Familiarity with EDR tools (CrowdStrike, SentinelOne, Defender for Endpoint)
• Solid understanding of networking, Windows/Linux internals, and common attack patterns
• Security+ / CEH / GCIA certification preferred
• Strong written and verbal communication; comfortable on client calls

Key Skills

Education

Any Graduate