You will manage security operations and detection engineering to protect cloud and on-premises environments.
Responsibilities
Implement and manage detection and response-based security controls within public cloud environments.
Utilize SIEM and security operations tools to monitor and respond to threats.
Apply threat modeling and detection engineering best practices to strengthen security posture.
Develop automated security solutions using programming and Infrastructure as Code.
Collaborate with Agile teams to drive technical security outcomes.
Required Skills
3+ years of experience with SIEM and security operations tools (Splunk ES, Anvilogic, Palo Alto Cortex, CrowdStrike, MS Sentinel, or Google Chronicle).
3+ years of experience specifically with Splunk.
3+ years of experience with detection and response-based security controls in AWS, GCP, or Azure.
2+ years of experience with Wiz.
Proficient programming skills in Python, Java, or C++.
Solid understanding of data structures, algorithms, and threat modeling.
Experience with Infrastructure as Code (CDK, CloudFormation, or Terraform).
Experience with Git-based source code management.
Familiarity with threat intelligence feeds, cybersecurity frameworks, and incident response methodologies.