Responsibilities

• Lead full lifecycle of cybersecurity incidents (detection, resolution, post-incident review).
• Conduct advanced threat analysis, malware reverse engineering, and forensic investigations.
• Develop and maintain incident response playbooks and runbooks.
• Proactively hunt for threats and identify Indicators of Compromise (IOCs).
• Collaborate with SOC, Threat Intelligence, and IT teams.
• Mentor junior analysts and present findings to leadership.
• Contribute to detection engineering and security monitoring rules.

Required Qualifications

• 8-10 years of experience in incident analysis, SOC operations, or security architecture.
• Expertise in Microsoft Sentinel and KQL for threat detection.
• Strong knowledge of NIST and MITRE ATT&CK frameworks.
• Experience in Threat Intelligence, Threat Hunting, Digital Forensics.
• Familiarity with Microsoft Defender for Identity and Purview.
• Strong communication skills (technical and non-technical).

Preferred Qualifications

• GIAC GCIH, GCED, or similar certifications.
• Cloud security experience (AWS, Azure, GCP).
• Scripting skills (Python, PowerShell).
• MSSP experience.

Posted By