Sr. Information Security Ops

Technical Subject Matter Expert (SME) – Cyber Security

Key Responsibilities

Advanced Incident Response & Threat Hunting

• Lead end-to-end incident response activities and proactively hunt for emerging threats across complex environments.

Use Case Development & SIEM Optimization

• Design, enhance, and fine-tune SIEM use cases to improve detection accuracy and reduce false positives.

Threat Intelligence Integration & Analysis

• Integrate threat intel feeds, correlate insights, and drive actionable intelligence for SOC teams.

SOC Process Governance & Playbook Enhancements

• Establish and improve operational processes, SOPs, and incident response playbooks to ensure maturity and efficiency.

Cross-Functional Coordination & Leadership

• Collaborate with IT, network, cloud, and security teams to ensure seamless incident handling and security alignment.

SOAR Automation & Efficiency Improvements

• Build and optimize SOAR workflows to automate repetitive tasks and accelerate response actions.

Compliance, Audit Support & Risk Management

• Support internal/external audits, ensure compliance with security standards, and contribute to risk mitigation strategies.

Scripting & Automation (Python)

• Utilize basic Python skills to develop scripts for automation, data analysis, and tool enhancements.

Linux Expertise

• Apply strong Linux concepts for system analysis, log review, and troubleshooting in security investigations.

Elastic Search Expertise

• Leverage Elasticsearch for log analytics, detection logic development, and threat investigation.

Knowledge of ML/AI

• Work with ML/AI-based tools and concepts to enhance detection capabilities and security analytics.

API Knowledge

• Integrate and utilize APIs for automation, threat intelligence, SIEM/SOAR enhancements, and tool interoperability.