Job Description

• Lead customer engagements on SIEM & SOAR implementation with use case and playbook documentation.
• Provide hands-on solutions, customization and tuning, automation, and use case development for different SIEM solutions.
• Collaborating with multiple stakeholder teams including the SOC, Threat Modeling & Hunting Teams.
• Creating strategies, technical plans, and architectures to audiences of technical and executive leadership as required.
• Continuously improve threat detection capabilities, use cases and playbooks.
• Mentor and guide the detection engineering team and plan training activities.

• A bachelor’s degree in computer science, IT, or a Cybersecurity related field.
• One or more certifications including CompTIA CySA+, CSA, Cloud etc.
• Minimum 4 years of hands on technical SIEM experience, with 2-3 of those years focused on creating use cases and detection focused automation.
• 2-3 years of experience working directly in SOC, Threat Hunting or an Incident Response Team.
• Deep understanding of SOC, SIEM, and other engineering best practices, limitations, and ways of extending or customizing threat detection automation related use cases.
• Experience with one or more SIEM solutions out of Microsoft Sentinel, Google Chronicle, IBM QRadar, Splunk or Wazuh.
• Demonstrate hands-on skills in a major scripting/programming language or a search query language (KQL, YARA, DQL, etc.) for use in use case development.
• Experience with cloud services will be an added advantage.