We are an IT Solutions Integrator/Consulting Firm helping our clients hire the right professional for an exciting long-term project. Here are a few details.
Key Responsibilities:
- Conduct detailed investigations of security incidents, including data collection, root cause analysis, and recovery, ensuring SLA compliance.
- Optimize SIEM correlation rules, use cases, and custom detections to minimize false positives and enhance detection accuracy.
- Develop new SIEM use cases and response playbooks based on threat intelligence, evolving TTPs, and internal security gaps.
- Review and improve alert quality by refining or retiring outdated detection logic and recommending better strategies.
- Mentor and support L1 analysts to strengthen their detection and response skills.
- Continuously monitor SIEM and other security tools for alerts related to potential threats, anomalies, or policy violations.
- Lead incident response activities, ensuring swift containment, eradication, and preservation of forensic evidence for analysis.
- Correlate data across multiple sources to detect security incidents and generate actionable intelligence.
- Collaborate with cross-functional teams and SMEs to troubleshoot and resolve complex security issues promptly.
- Analyze logs, metrics, and system behaviors to identify patterns and early indicators of compromise.
- Document incidents, root causes, and resolutions, contributing to the continuous improvement of response playbooks.
- Share threat insights and best practices within the team to foster ongoing learning and capability enhancement.
- Communicate critical incidents to leadership and recommend both tactical and strategic mitigation measures.
- Ensure SOC operations adhere to organizational policies, regulatory standards, and industry best practices.
Education:
- Bachelor’s degree in Computer Science, Cybersecurity, or a related field, or equivalent professional experience.
Required Skill Set:
- 4+ years of hands-on experience in Information Security, SOC operations, or incident response.
- Strong understanding of cybersecurity frameworks and methodologies such as MITRE ATT&CK, Cyber Kill Chain, and NIST IR.
- Solid knowledge of cloud security concepts and tools; expertise with EDR, SIEM, and firewall technologies.
- Deep understanding of network and security fundamentals, including operating systems, TCP/IP, ports, IDS/IPS, and detection mechanisms.
- Familiarity with malware analysis and sandbox environments.
- Ability to interpret complex security alerts and logs and translate findings into actionable responses.
- Excellent communication, documentation, and collaboration skills for effective stakeholder engagement.

Successful companies gain back 30% of their budget & time each year. How?
They partner with Alignity to solve their challenges in
- Digital Transformation
- Employer Branding & Hiring
- Performance Innovation
See how others have benefited from partnering with us:
Clients: https://alignity.io/talent-acquisition/#WhyClientsTrustUs
Employees: https://alignity.io/candidate-services/#WhyEmployeesLoveUs
Connect with us if you are looking for Outsourcing or Staffing solutions in the niches below:
- Cloud/Data
- Cybersecurity
- AI/ML
- Fullstack
- Agile
- SAP