4h ago

Security Operation Engineer (Detection & Response)

Kyiv, Lviv, Warsaw

$85k-$110k / year (est.)

Full-time · Senior · Hybrid · Software

🛠 Tech Stack

💼 About This Role

You'll architect SIEM systems and incident response frameworks from scratch for a 2000+ user infrastructure. Your work will turn raw logs into a transparent security system and enable threat detection before issues become critical. This is a rare greenfield opportunity to build enterprise-grade security operations for multiple product companies.

🎯 What You'll Do

  • Analyze the market and implement a SIEM solution (from POC to full deployment).
  • Configure log collection, parsing, and correlation from 1000+ macOS/iOS devices.
  • Design incident management playbooks and alert handling processes.
  • Develop custom detection rules (Sigma, YARA, KQL) for threat hunting.

📋 Requirements

  • SIEM deployment experience (ELK, Wazuh, Splunk, or similar).
  • Detection engineering with custom rule writing (Sigma, YARA, KQL, SPL).
  • Incident response framework implementation (triage to post-mortem).
  • Scripting in Python, Bash, or Go for automation and integration.

✨ Nice to Have

  • Experience in mature SOC teams (Tier 2/Tier 3 analyst or architect).
  • Cloud provider log analysis (AWS, GCP, GWS).
  • Relevant security certifications (CISSP, GCIH, etc.).

🎁 Benefits & Perks

  • 🏥 Medical insurance and corporate doctor.
  • 📚 Training, courses, and conference access.
  • 🌍 International environment with global impact.
  • 🤝 Founder community and internal professional clubs.