Requirements:

Lead customer engagements on SIEM & SOAR implementation with use case and playbook documentation. Provide hands-on solutions, customization and tuning, automation, and use case development for different SIEM solutions. Collaborating with multiple stakeholder teams including the SOC, Threat Modeling & Hunting Teams. Creating strategies, technical plans, and architectures to audiences of technical and executive leadership as required. Continuously improve threat detection capabilities, use cases and playbooks. Mentor and guide the detection engineering team and plan training activities.

Qualification:

A bachelor’s degree in computer science, IT, or a Cybersecurity related field. One or more certifications including CompTIA CySA+, CSA, Cloud etc. Minimum 4 years of hands on technical SIEM experience, with 2-3 of those years focused on creating use cases and detection focused automation. 2-3 years of experience working directly in SOC, Threat Hunting or an Incident Response Team. Deep understanding of SOC, SIEM, and other engineering best practices, limitations, and ways of extending or customizing threat detection automation related use cases. Experience with one or more SIEM solutions out of Microsoft Sentinel, Google Chronicle, IBM QRadar, Splunk or Wazuh. Demonstrate hands-on skills in a major scripting/programming language or a search query language (KQL, YARA, DQL, etc.) for use in use case development. Experience with cloud services will be an added advantage.