Lead threat detection and incident response, leveraging SIEM, vulnerability management, and cloud security tools to protect enterprise assets and ensure compliance.
About the role
Key Responsibilities
Monitor, analyze, and respond to security alerts using SIEM platforms (Splunk, QRadar).
Conduct threat hunting, vulnerability assessments, and penetration testing to identify and remediate risks.
Develop and maintain incident response playbooks, run tabletop exercises, and coordinate cross-team actions during incidents.
Implement and manage cloud security controls across AWS environments, ensuring compliance with industry standards.
Automate security workflows with Python scripts and orchestrate security tools via APIs.
Document findings, produce detailed reports, and provide actionable recommendations to stakeholders.
Requirements
3+ years of experience in cybersecurity operations or SOC roles.
Proficiency with SIEM tools, vulnerability scanners, and cloud security services.
Strong scripting skills in Python and familiarity with automation frameworks.
Knowledge of threat intelligence feeds, incident response frameworks, and compliance regulations.
Excellent analytical, communication, and problem-solving abilities.