Detection and SOAR Engineer, Mandiant Consulting, Google Cloud
Posted 1 week ago
Job Description
- Identify challenges in customer Cyber Defense Centers (CDC) and formulate strategies for improvement, plan implementation of improvements, and execute/oversee plans to completion.
- Advise on technologies relied upon by the client CDC, Computer Security Incident Response Team (CSIRT), and SOC.
- Create and modify SIEM use cases written both in technology-specific query languages and in the Sigma open signature format. Create and modify SOAR playbooks written in Python.
- Engage and collaborate with client stakeholders and other groups within the customer environment to drive resolution of security issues.
- Provide expertise for SIEM, SOAR and other SOC technologies that assist in incident response.