● Support the front-line responder by identifying, triaging, and remediating security events, anomalies, and incidents.
● Assess newly published vulnerabilities and attacker Tactics, Techniques, and Procedures (TTPs) to identify possible defensive measures to locate and stop threat actors.
● Provide incident response support as a key stakeholder. Collaborate with the security and engineering teams to proactively improve and secure systems against future attacks.
● Operate and help mature playbooks to protect people, systems, and assets.
● Implement detective and protective security controls across infrastructure and systems to improve security maturity.
● Use the Sumo Logic logging and monitoring platform to publish security metrics.
● Contribute to the creation of runbooks and write investigation reports.
● Develop and maintain correlation rules, queries, dashboards, and reports within the SIEM system.
● Participate in the Security Incident Response Team on-call rotation.
● Contribute to information security guidance documentation and training.
● Coordinate with external parties for digital forensics and incident response (DFIR) investigations.
● Lead the identification, assessment, and prioritization of vulnerabilities across the company's systems and networks.
● Build automation and orchestration workflows to automate SOC processes.
● Improve our detective controls through threat hunting and cyber threat intelligence.
● Communicate effectively at multiple levels of sensitivity and to multiple audiences.
● 5+ years of relevant experience working in IT or information security in a cloud-first environment, with a minimum of 3 years of experience working directly in a dedicated incident response, threat and vulnerability management, or digital forensics role.
● Bachelor's degree in Computer Science, Programming, or a related field, or an equivalent combination of education and experience.
● Relevant professional certifications such as CISSP, GCIA, GCIH, OSCP, or similar are highly desirable.
● Experience with the MITRE ATT&CK framework and its associated tactics and techniques, or other threat modeling exposure.
● Proficient in network and security technologies.
● Experience using log and data analysis platforms such as Splunk, Sumo Logic, Datadog, Grafana, etc.
● Familiarity with CrowdStrike and AWS security tooling in cloud environments, or similar products and services.
● Nice to have: programming skills, experience with Kubernetes, AWS certifications, static and/or dynamic code analysis tooling, and experience writing SDLC-related policy.