Key Responsibilities
Design and maintain monitoring flows and detection use-cases across SIEM and related systems.
Develop, optimize, and tune security rules, alerts, and dashboards.
Integrate threat intelligence feeds into monitoring tools.
Lead and support security investigations, from triage to remediation.
Coordinate with internal teams and external partners to contain and resolve incidents.
Create and maintain playbooks, runbooks, and IR documentation.
Build and maintain security automation and orchestration workflows to accelerate response.
Ensure compliance with security policies, frameworks, and regulatory requirements (SOC 2, ISO 27001, GDPR, etc.).
Maintain clear documentation of procedures, incidents, and improvements.
3+ years of experience in Security Operations & IR
Hands-on experience with SIEM platforms
Strong knowledge of cloud security (AWS, Azure, or GCP).
Experience with SaaS products required.
Proven experience creating and tuning detection rules, dashboards, and reports.
Experience with automation tools
Familiarity with EDR, WAF, DLP, and vulnerability management tools.
Solid understanding of network protocols, logs, and common attack techniques.
Experience working with ticketing systems
Excellent problem-solving, analytical, and communication skills.
Ability to work in a fast-paced environment and manage multiple priorities.
Knowledge in Python – Advantage
Deep understanding of the MAC OS and Windows environments
Soft Skills
Motivation to grow, learn, and think outside the box
Problem-solving skills in a complex technical environment
Ability to manage multiple tasks and prioritize effectively in a fast-paced environment.
Able to work in a dynamic work environment and under pressure
A customer-oriented approach with a passion for helping others.
Open-minded and a team player
Fluent in spoken English
