Job Description

Position Responsibilities

Threat Detection & Monitoring:

• Lead the deployment and fine-tuning of SIEM, IDS/IPS, and EDR solutions to detect security threats in real time.
• Continuously improve threat intelligence processes and analytics capabilities to identify evolving threats.

Incident Response & Threat Hunting:

• Oversee and lead complex incident investigations, coordinating containment, remediation, and post-incident reporting.
• Proactively conduct threat-hunting exercises to uncover advanced persistent threats (APTs) and mitigate risks before they escalate.
• Establish and refine incident response playbooks and frameworks.

Vulnerability & Risk Management:

• Lead vulnerability management programs, ensuring regular scanning, risk prioritization, and timely remediation.
• Conduct advanced risk assessments to identify and address security gaps within infrastructure, applications, and cloud environments.
• Implement risk mitigation strategies aligned with business objectives.

Security Policy Development & Compliance:

• Design, implement, and maintain security policies, standards, and procedures to meet regulatory requirements (e.g., GDPR, HIPAA, NIST, ISO 27001).
• Guide compliance audits and ensure continuous improvement of security controls.

Security Tool Management & Optimization:

• Manage and enhance security tools, including firewalls, SIEM platforms, endpoint protection solutions, and intrusion detection systems.
• Evaluate and integrate new security technologies to improve defense mechanisms.

Cloud Security:

• Architect and enforce security best practices for cloud environments (AWS, Azure, Google Cloud).
• Implement and monitor IAM, encryption, network security, and cloud-native security tools (e.g., AWS GuardDuty, Azure Security Center).
• Ensure secure configurations, governance, and compliance in cloud deployments.

Log Analysis & Automation:

• Perform deep-dive analysis of security logs from multiple sources to identify anomalies and potential threats.
• Automate security processes using scripting languages (Python, Bash) and security orchestration tools.

Security Awareness & Mentorship:

• Design and deliver security training programs for employees to foster a security-first culture.
• Mentor junior engineers, providing guidance on best practices and security operations methodologies.

Job Requirements

Qualification and Experience

• 4+ years of hands-on experience in Security Operations (SecOps), Cloud Security, and Information Security.
• Proven expertise in managing enterprise security tools, incident response, and cloud security best practices.
• Proficiency in SIEM platforms (e.g., Splunk, QRadar), EDR solutions, IDS/IPS, and vulnerability management tools.
• Extensive experience with cloud security frameworks and tools (AWS, Azure, Google Cloud).
• Strong knowledge of encryption, IAM, secure cloud configurations, and microservices security.
• Familiarity with automation and scripting (Python, Bash, PowerShell) for security operations.

Skills