
Cybersecurity Operations Analyst

About the Role

You will lead analysis of security events on the network. This will involve triaging events that come from any number of sources, working to understand the threat, and ensuring any incidents get resolved or escalated accordingly. You will also drive security monitoring tuning to ensure that false positives are tuned out.

 

What you’ll do:

  • Support live response and forensics capabilities
  • Project support and implementation within the security team
  • Mentor junior members of the team
  • Improve SOC processes, procedures and tools
  • Improve threat detection using network or system capabilities
  • Identify and develop relevant security automation solutions
  • Keep up with the latest industry knowledge and trends on Cyber Security

Candidate must demonstrate experience in supporting high-pressure work environments and be willing to work off-hours on a rotational basis.

  • 4+ years relevant experience in a similar security role
  • Network and system security/administration
  • Understanding of security threats and attacks
  • Understanding context and events from system and security logs
  • Tuning SIEM/security monitoring rules/alerts/reports
  • Mature approach to supporting a 24/7 SOC in a follow-the-sun model
  • Experience in security incident management processes
  • Experience with threat intelligence platforms and hunting techniques
  • Experience with performing technical security analysis and report writing
  • Deep understanding of Linux/OSX and Windows, network and application security threats, attack techniques and mitigation options, and network-related protocols (e.g. TCP/IP, IPsec, routing protocols, etc.)
  • Operating knowledge of cloud security concepts, solutions and automation
  • Experience in working with IDS/IPS/HIDS, Firewalls and SIEM systems
  • Strong coding skills (Python preferred)
  • Troubleshooting skills and mindset