Min Experience: 2 years
Your responsibilities
Security Monitoring and Incident Response:
Monitor security alerts and events from various sources, including SIEM, NDR, firewalls, and endpoint protection systems.
Analyse and triage security incidents to determine their severity and impact.
Respond to security incidents, including containment, eradication, and recovery efforts.
Document and report incidents, including root cause analysis and lessons learned.
Detection Engineering:
Develop and maintain detection rules, signatures, and use cases for SIEM and other security tools.
Continuously improve detection capabilities by incorporating threat intelligence and understanding emerging threats.
Perform regular tuning and optimization of detection mechanisms to reduce false positives and enhance detection accuracy.
Collaboration and Communication:
Work closely with other IT and security teams (2nd Line of Defense) to ensure comprehensive threat detection and response.
Communicate effectively with stakeholders, providing clear and concise updates on security incidents and investigations.
Participate in regular SOC meetings, providing insights and recommendations for improving security operations.
Documentation and Reporting:
Maintain detailed and accurate documentation of incident response activities and detection engineering efforts.
Prepare regular reports and metrics on IT SOC performance, incident trends, and detection effectiveness.
Contribute to the development and maintenance of IT SOC playbooks, processes, and procedures.
Your skills and experience
2+ years of experience in IT security operations, incident response, or a related role within a SOC or 1st Line of Defense environment.
Proficiency with SIEM and SOAR platforms (e.g., Microsoft Sentinel, Splunk, Cortex XSOAR) and other security monitoring tools.
Strong understanding of network protocols, operating systems, and common attack vectors.
Experience with scripting and automation (e.g., Python, PowerShell, KQL) to enhance detection and response capabilities.
Knowledge of threat intelligence and cyber threat landscape.
Your qualifications
Bachelor's degree in Computer Science, Information Security, or a related field. Relevant certifications (e.g., CISSP, CEH, GIAC) are a plus.