The point where experts and best companies meet
Share
Your Role and Responsibilities : |
• Leading complex automation and tuning activities • Preparing and implementing automation and tuning solutions. • Collaborating daily with cross-functional teams internally and with clients. Mainly incident response analysts, threat hunters, architects, and security consultants. • Creating weekly (operational) and monthly (executive) engineering reports about fine-tuning and automation of detection rules and efficiency of SOC measured against agreed meters. • Responsible for understanding contractual baselines and pushing forward to achieve them via driving necessary meetings and development tasks. • Act as the primary point of contact when it comes to troubleshooting, designing, and deploying security workbooks, playbooks, data connectors and analytical rules. |
• Understanding of VPN, IDP/IPS, WAF, and Firewall systems
• Understanding of Cyber Kill Chain and MITRE ATT&CK frameworks
• Hands-on experience with managing Microsoft Cloud Security Suite such as Azure AD, Sentinel (SIEM), Defender (XDR) and MDE
• Good knowledge of enterprise SOC structure, SOC-as-a-service
• Good knowledge of use case and workflow management
• Capability of composing and understanding advanced KQL
• Microsoft Certified SC-900 and AZ-900
• Familiar with ticketing systems such as ServiceNow
• Familiar with Kanban boards such as Trello or in M365 Teams
• Familiar with Zscaler, Checkpoint, Fortinet, Cisco, Crowstrike, Proofpoint, CyberArk systems and their logs
• Familiar with MaGMa framework, IoT Security, SIGMA rules or GitHub
• Experience in malware analysis or reverse engineering
• Microsoft Certified SC-100, SC-200, SC-300, SC-400, AZ-500
These jobs might be a good fit