Responsibilities

• Monitor and triage security alerts and events from various sources including SIEM, IDS/IPS, firewalls, and endpoint protection systems.
• Conduct in-depth analysis of security events to identify potential security incidents or breaches.
• Investigate and triage security alerts, determining the scope, impact, and severity of the threat.
• Aid in development and maintain standard operating procedures (SOPs) for incident detection, response, and escalation.
• Perform threat hunting activities to proactively identify and mitigate emerging threats.
• Maintain and update security tools and technologies to ensure optimal performance and effectiveness.
• Provide timely and accurate reports on security activities, trends, and metrics to leadership and stakeholders.

Requirements

• Associates degree in Computer Science, Information Technology, Cybersecurity, or related field.
• 4+ years of experience working in a security operations center or similar role.
• Proficiency in using security tools such as SIEM, IDS/IPS, endpoint detection and response (EDR), and threat intelligence platforms.
• Familiarity with common security frameworks and standards (e.g., NIST, ISO 27001, CIS Controls).
• Experience with incident response procedures, including incident triage, containment, eradication, and recovery.
• Relevant certifications such as CompTIA Security+, Certified Information Systems Security Professional (CISSP) are helpful.
• Ability to work effectively in a fast-paced environment and prioritize tasks based on the severity and impact of security incidents.

Posted By