Responsibilities:
Develop and implement automation workflows to improve alert investigation and response efficiency.
Investigate and respond to security alerts, ensuring timely and effective resolution of incidents.
Identify false positives and collaborate on SIEM/SOAR tuning to enhance detection accuracy.
Apply creative, out-of-the-box thinking to solve complex security challenges and strengthen SOC capabilities.
Handle phishing incidents, including analysis, containment, and mitigation efforts.
Work closely with IT and DevOps teams to resolve security issues and promote best practices.
Contribute to the growth and maturity of a dynamic SOC team.
Participate in on-call rotations for incident response outside of regular working hours.
Requirements:
3+ years of experience in a SOC team or similar security role.
Hands-on experience with SIEM technologies such as Splunk, Coralogix
Hands-on experience in threat hunting and incident response on cloud environments (AWS) and SaaS products (OKTA, Google workspaces, Github etc).
Skills & knowledge:
Strong knowledge of security technologies such as XDR, CSPM, WAF, etc.
Solid understanding of cybersecurity principles, including threat detection, incident response, and phishing.
Familiarity with common cloud and SaaS attack vectors and misconfigurations.
Excellent communication skills and fluency in English, both spoken and written, with a positive and collaborative attitude.
Advantage:
Experience working with security automation tools (e.g., Torq, Cortex XSOAR, Splunk SOAR).
