Job Description
- Identify issues in customer Cyber Defense Centers and formulate strategies for improvement, plan implementation of improvements, and execute/oversee plans to completion.
- Create and modify SIEM use cases and detection logic, leveraging cyber threat intelligence, written in technology-specific query language or Sigma open signature format.
- Provide expertise for SIEM, SOAR, and other SOC technologies that assist in incident response; create and modify SOAR playbooks written in Python.
- Measure and improve alert fidelity through metrics creation, tracking, responding to tuning requests, implementing incident-specific detection logic, etc.
- Engage and collaborate with client stakeholders and other groups within the customer environment to drive resolution of security issues.
