Lead / Principal Technical Cyber Engineer

Join a dynamic team as a Security Operations Center (SOC) Tech Lead, where you'll spearhead the enhancement and optimization of security monitoring capabilities while mentoring analysts to foster a culture of continuous improvement.

Responsibilities

• Lead the architecture and optimization of core SOC platforms, including SIEM, SOAR, and threat intelligence tools.
• Design and oversee data ingestion processes, ensuring log sources are parsed and enriched for analysis.
• Develop and maintain detection rules and threat scenarios against SIEM and EDR platforms.
• Define fidelity standards for alerts, tuning rules to reduce false positives while ensuring true positive detection.
• Drive the creation of SOAR playbooks for incident triage and escalation, establishing engineering standards for playbook functionality.
• Conduct post-incident reviews to identify gaps in detect...