You will lead investigations and incident response efforts to protect internal and external environments from security threats.
Responsibilities
- Investigate and respond to security threats, triaging and remediating DLP and SIEM events across on-premises and cloud systems.
- Manage and improve security monitoring products including DLP, SIEM, EDR, AV, Cloud Security, and IDS.
- Perform threat hunting and research new TTPs to identify compromised resources and improve detection capabilities.
- Develop automated response scripts to remediate commodity threats, and maintain the operational playbooks that govern them.
- Collaborate with MSSP services, forensic providers, and IT teams to identify root causes and remediate security incidents.
Required Skills
- 10+ years of experience in cybersecurity operations.
- Deep expertise in DLP, EDR, and SIEM management.
- Hands-on experience with AV and Cloud Security products.
- Proficiency in monitoring SaaS and cloud-based systems.
- Ability to perform threat analysis using Kill Chain and Diamond Model frameworks.
- Experience implementing advanced monitoring across networks, servers, and endpoints.
- Capability to distinguish between anomalous activities and benign events.
- Experience reviewing security deployments to ensure monitoring requirements are met.