Job Description

• Lead Tier‑3 security incident investigations and escalations within the SOC
• Perform incident response activities including detection, analysis, containment, and recovery
• Conduct proactive threat hunting and investigate suspicious activities using SIEM and XDR platforms
• Develop and maintain Splunk correlation rules, dashboards, and security alerts
• Investigate endpoint, network, email, and cloud security alerts from multiple security tools
• Monitor and secure cloud environments across AWS, Azure, GCP, and OCI
• Perform root cause analysis and provide remediation recommendations
• Collaborate with internal teams and stakeholders to resolve complex security incidents

Requirements

• Strong in SIEM: Splunk, Elastic Stack
• Proficient in Cloud Security: AWS, Azure, GCP, OCI
• Knowledge on Endpoint & XDR: CrowdStrike, Carbon Black, Red Canary and ...