Job Description

If you answered yes to these questions keep reading the description below! Experience in leading full life cycle of security incident, detect and response journey with the ability to see incidents to their conclusion Experience with security tools such as SIEM, IDS/IPS, Firewalls and vulnerability scanners Mentor SOC analysts and incident responders on advanced IR and automation best practices. Lead post-incident reviews and tabletop exercises. Develop internal knowledge base and AI model training datasets for SOC use. Bachelor's Degree in Computer Science, Information Systems, or equivalent experience. 08-12 years of cybersecurity experience, including 5+ years in Incident Response / SOC L3-L4 roles. Expert knowledge of EDR/XDR platforms (CrowdStrike, SentinelOne, Defender, etc.) and SIEMs (Splunk, QRadar, ELK). Solid experience with Python / PowerShell scripting for automation and API integrations. Proven hands-on expertise with SOAR platforms and custom playbook creation. Familiarity with AI/ML frameworks (TensorFlow, PyTorch, OpenAI API, Scikit-learn) applied to cybersecurity use cases. In-depth understanding of MITRE ATT&CK, Cyber Kill Chain, and NIST frameworks. Exposure to Cloud Security IR (AWS, Azure, GCP). Experience performing digital forensics, memory analysis, and malware triage. Certifications such as GCFA, GREM, GCIH, CISSP, CCIR, CEH (Practical), or OSCP. Incident Response & Threat Management Lead and coordinate major cybersecurity incident investigations and containment activities. Perform advanced root cause analysis, malware analysis, and threat attribution. Oversee incident lifecycle management, detection, triage, containment, eradication, and lessons learned. Develop and maintain IR playbooks for emerging attack vectors (cloud, AI, OT, insider threats). Act as the final escalation point for complex SOC alerts (L3 to L4)/ Investigations. Facilitate training/learning exercises to ensure SOC team proficiency and relevance Participate in projects or initiatives where Security Operations support is needed, including contributing to security incident table-top exercises Design and implement AI-driven detection models for anomaly detection and behavioral analytics. Evaluate and operationalize AI/ML-based security tools (e.g., Security Copilot, Microsoft Defender AI) Guide L1-L3 analysts in understanding threat actor behavior and response strategies. Responsibilities will include, but are not limited to, the following:

Skills Required