Tech Stack

Description

You will monitor, detect, investigate, and respond to cybersecurity threats across enterprise systems, cloud infrastructure, and SaaS platforms. You will support the Security Operations Center in protecting company assets, customer data, and platform availability through proactive threat hunting, incident response, and continuous improvement of SOC processes.

Requirements

• Experience with SIEM tools (Splunk, Sentinel, Wazuh)
• Cloud security monitoring (AWS, Azure, Microsoft 365, Salesforce)
• Networking and security fundamentals, log analysis, and incident investigation
• Knowledge of MITRE ATT&CK framework and endpoint/identity/email security
• Strong analytical, documentation, and collaboration skills for 24x7 shift environment

Responsibilities

• Monitor alerts and logs from SIEM, EDR, and cloud security platforms
• Investigate security alerts and perform initial incident triage
• Analyze suspicious activities, determine severity, and escalate incidents per SOC playbooks
• Perform proactive threat hunting and analyze Indicators of Compromise (IOCs)
• Document investigations, maintain playbooks, and support SOC automation improvements