Job Description:
• Monitor, analyze, and correlate security events across SIEM platforms, EDR/XDR solutions, IDS/IPS systems, Threat intelligence feeds
• Investigate and validate security incidents, determine root cause
• Perform deep-dive analysis of suspicious activity
• Conduct incident response activities including containment, eradication, and recovery support
• Develop detailed incident reports, timelines, post-incident summaries
• Recommend improvements to SOC playbooks, detection rules
• Perform proactive threat hunting using MITRE ATT&CK framework
• Collaborate with engineering teams to tune and optimize security tools
• Support dashboard creation, reporting, and SOC performance metrics
• Serve as a subject matter expert (SME) interacting with stakeholders
• Document SOC processes, runbooks, incident handling procedures
• Coordinate with SOC teams, engineering teams, and agency stakeholders
Requirements:
• 10+ Years
• 2+ years of hands-on experience in Security monitoring and incident response
• 2+ years of experience working with MITRE ATT&CK framework
• Experience in Dashboard creation and security reporting
• Strong understanding of SIEM platforms
• Strong knowledge of cybersecurity principles and SOC workflows
• Bachelor’s degree in IT, Cybersecurity, or related field
• CISSP / CISA / equivalent advanced security certifications
• CEH / OSCP / GPEN or similar offensive security certifications
• Vendor-specific security certifications
Benefits:
• N/A