Key skills
AWSAzureCloudDNSPerlPythonAIClaudeGitHubFirewall
About this role
Role Overview
- Responsible for responding to threats identified through our technologies, threat intelligence, and proactive actions we drive
- Investigate alerts, such as malware detections or suspicious activities
- Provide analysis and lead response activities when an event becomes a security incident
- Mitigate or prevent risks at scale across a complex enterprise
- Monitor and respond to security alerts generated by technologies such as SIEM, IDS, EDR/XDR, Wiz, and various other sources within a given SLA
- Perform triage, in-depth analysis, and investigation as guided by processes and playbooks
- Assist with incident response and post incident reviews
- Detect & coordinate security vulnerabilities remediation
- Respond to security related service requests
- Communicate recommendations and guidance based on results of security incident analysis to the Engineering team or end user team
- Coordinate a response to the security incident with the relevant teams
- Develop, document, and implement runbooks, capabilities, and techniques for IR
- Maintain current knowledge and understanding of the threat landscape, emerging security threats, and vulnerabilities
- Work to create, leverage automation, continuously develop, and maintain mature information security technology infrastructure
- Collaborate and align closely with the Security Tools Administration team to create, test, and implement security controls and technology
- Assess alert rules for fine tuning
Requirements
- Bachelor's Degree holder
- Two (2) or more years of experience in Security Operations and handling security incidents
- Performing triage and investigation on AWS CloudTrail and Guard Duty security alerts
- AWS Certified Cloud Practitioner certification is preferred, but not required
- Knowledge in Microsoft Defender (MDE, MDC, MDI, M365), Firewall, DNS, Email Security tools, Azure, Entra, and Microsoft Sentinel
- Creating Security incident Playbooks and SOPs
- Leverage Automation workflows (GitHub, API integration)
- Experience in using AI models (MS Copilot, Claude, others)
- Some experience with coding, scripting, and query languages (python, perl, KQL)
- Willing to work on a rotating schedule
- Ability to quickly learn and apply enterprise AI tools and technologies to support technical workflows and business objectives
Tech Stack
- AWS
- Azure
- Cloud
- DNS
- Perl
- Python
Benefits
- Country specific benefits