Key skills
CloudSplunkCloud Security
About this role
Role Overview
- Perform initial triage and advanced analysis tasks across endpoint, SIEM, server, and network infrastructure.
- Perform proactive security investigations and searches on client environment to detect malicious activities.
- Perform Incident investigations and deep dive analysis on detected threats.
- Understand and identify indicators of attack and compromise in alerts, by hunting through data, and by reviewing past investigations.
- Have full understanding of the MITRE ATT&CK framework. Mapping clients' use cases to tactics and techniques.
- Triage, review, and provide log data for more insight and recommendations to escalate through SIEM.
- Effective oral communications and writing/drafting skills.
- Maintain up to date knowledge and understanding of the current threat landscape.
Requirements
- 3 or more years of progressing/in-depth IT security experience.
- Demonstrate experience in using Endpoint Detection and Response software (SentinelOne, CrowdStrike, Defender, etc.)
- Advanced knowledge of SIEM platform (Splunk)
- Experience in SOC and Incident Response activities.
- Understanding of SIEM correlation, use cases and events.
- Should hold at least one industry certification Sec+, CEH, SC 200, Any Cloud Certification and Cloud Security Fundamentals.
- Basic scripting or development experience would be an added advantage.
Tech Stack
- Cloud
- Splunk
Benefits
- Medical Insurance
- Employee + dependents covered
- Life Insurance
- Protection for what matters most
- Retirement Match Program
- We invest in your future
- Hybrid Work Model
- 2–3 days in office
- Maternity & Paternity Leave
- Time for the moments that matter
- Paid Time Off
- PTO + sick & casual leave
- Bereavement & Volunteer Time
- Give back to your community
- Professional Development
- Reimbursement program
- LinkedIn L&D Platform
- Thousands of courses at your fingertips
- Mobile Phone Reimbursement
- Stay connected, on us