Specialist, Cloud Security Detection & Response

We are in search of an intermediate-level security specialist to join our Global Cybersecurity Services Team. In this role, you will contribute to enhancing our security technology stack, implementing AI-driven security automation workflows, and supporting security operations within our modern cybersecurity operating model.

We are establishing a contemporary, multi-cloud, intelligence-focused security operations capability that heavily emphasizes AI and automation, necessitating a blend of engineering and operational skills across all levels.

Responsibilities

• Conduct thorough investigations into Tier 1 & Tier 2 security operations escalations, conducting incident triage, and root cause analysis. Proficiency in using various open source and proprietary tools such as EPP/EDR/XDR software, Digital Forensics tools/software, and SIEM platforms.
• Develop, maintain, and improve our security operations technology stack, including next-generation SIEM and SOAR solutions. Implement security logging and detection engineering best practices, overseeing the detection use case lifecycle, and actively incorporate AI into workflows.
• Expertise in end-to-end Incident Response, leading and guiding investigations and incidents to facilitate investigation pivoting, containment, mitigation, and other necessary security actions.
• Create, deploy, and manage advanced cloud security controls to enable threat prevention, detection, and response in cloud environments. Configure and utilize cloud-native security controls in platforms like AWS GuardDuty, Google SCC, Azure Security Centre, and CNAPP solutions.
• Lead initiatives such as Cloud Security Posture Management, Container Security, Native Cloud Security Enhancements in AWS, Azure, GCP, Runtime Vulnerability Management, Endpoint Security enhancements, Threat Hunting, Compromise Assessments, and Network/Endpoint/Cloud security reviews.
• Demonstrate comfort in cross-functional leadership and stakeholder management, potentially overseeing a small team of junior security specialists.

Requirements

• 5-7 years of experience in Information Security involving hands-on experience in multiple areas such as Security Operations, Security Engineering, Digital Forensics, Incident Response, Endpoint Security, or Cloud Security.
• Hands-on experience with SIEM, EPP/EDR/XDR, SOAR, Cloud Security (CSPM, Container Security, etc.), as well as Digital Forensics software and tools.
• Proficiency in working with cloud environments including AWS, Azure, and GCP, and experience in Amazon EKS and Azure AKS for container orchestration platform management.
• Experience in applying AI/ML in cybersecurity contexts.
• Skill in scripting languages for task automation and data manipulation, or programming knowledge.
• Highly self-motivated, detail-oriented, and driven by outcomes.
• Excellent verbal and written English communication skills.
• Willingness to participate in on-call rotation.