Job
Description
Role & responsibilities Desired qualifications • Bachelors degree in computer science, Cybersecurity, or related field, or equivalent experience. • Minimum of 2-4 years of experience in cybersecurity, IT security operations, or incident response. • Prior experience in a Security Operations Center (SOC) or handling security incidents in an enterprise environment. • Experience with security monitoring, SIEM platform tuning, and threat detection engineering. Technical Skills: - Advanced proficiency with Splunk, Azure Sentinel, ELK SIEM & EDR platforms (experience with other SIEM platforms like Azure Sentinel is a plus). - In-depth understanding of network protocols (TCP/IP, DNS, HTTP, etc.), security devices (firewalls, IDS/IPS, etc.), and endpoint security technologies (EDR, antivirus, etc.). - Hands-on experience with log analysis, data correlation, and incident investigation. - Familiarity with threat intelligence tools, data sources, and feeds. - Strong understanding of security frameworks, including MITRE ATT&CK, NIST, and OWASP. Preferred Certifications • CompTIA Security+, CEH or similar certifications. • Splunk, EDR Certified Security Engineer or other relevant certifications.
