Job Description
Monitor and analyze real-time security events using tools like SIEM, EDR/XDR, DLP, and IDS/IPS.
Lead investigations into complex security incidents from detection through containment and remediation.
Automate incident response workflows using a SOAR platform and scripting languages (Python, PowerShell).
Integrate internal and external threat intelligence into detection systems and workflows.
Conduct threat hunting and proactive detection using the SIEM.
Work with our managed SOC provider to monitor, review, and validate alerts, guiding appropriate actions.
Keep security tools and processes tuned for accurate detection and minimal false positives.
Mentor and train junior SOC analysts; maintain and share knowledge via playbooks, runbooks, and documentation.
Collaborate with DevOps, IT, and product teams to integrate security into network, application, and endpoint environments.
Manage Governance, Risk, and Compliance (GRC):
  Write and update security policies and guidelines.
  Review and track risks and mitigation steps.
  Ensure compliance with PCI DSS, SOC 2, ISO 27001, and other relevant standards.
  Prepare for and support PCI DSS audits by gathering and organizing evidence.
  Document and maintain incident response plans and security processes.
  Support compliance initiatives, audits, and security reporting.
Participate in on-call rotations and ensure readiness for incident response.
Work cross-functionally to embed security practices into daily operations.
Job Requirements
5+ years in cybersecurity roles, with at least 2 years in a SOC or security operations position.
Proven experience working with a managed SOC/MSSP, including reviewing alerts, coordinating incident response, and improving detection coverage.
Hands-on experience with SIEM, EDR/XDR, and SOAR tools.
Strong knowledge of incident response processes, threat hunting, and threat intelligence integration.
Direct experience supporting PCI DSS compliance (preferably Level 1), including its logging, monitoring, and incident response requirements.
Familiarity with Governance, Risk, and Compliance (GRC) frameworks such as SOC 2, ISO 27001, and NIST CSF.
Proficiency in scripting languages (e.g., Python, PowerShell) for automation and security tooling integration.
Solid knowledge of cloud security for AWS, Azure, or GCP.
Strong understanding of network security fundamentals and endpoint protection.
Certifications (preferred, not required)