Job Description

• This person would work closely with the SOC team and be responsible for incident detection, triage, analysis, and response.
• Investigate and analyze security incidents to determine their impact and root causes.
• Hands-on experience with configurations and management of SIEM tools (Sentinel, Splunk, Devo (preferred).
• Experience with incident management, use case development, and rule fine-tuning.
• Implemented alerting rules and thresholds in Devo to proactively monitor critical systems and detect anomalies or security breaches.
• Awareness on industry-standard security frameworks such as MITRE ATT&CK, OWASP, NIST, SANS, etc.

Primary Skills

• SIEM Devo
• Sentinel,
• Splunk

Secondary Skills

• preferably working in aSOC/NOC environment.
• Certifications: GCIH, CCSP, CEH
• Understanding of Crowdstrike, Qualys, Service Now, Splunk, AWS, Azure and GCP.
• Ability to work under pressure in a fast-paced environment.