Specialist, Cloud Security Detection & Response
We are seeking an intermediate-level security professional to join our Global Cybersecurity Services Team. The role involves enhancing our security technology stack, developing AI-driven security automation workflows, and contributing to security operations within our modern cybersecurity operating model.
Key Responsibilities:
Conduct in-depth investigations into security operations escalations at Tier 1 & 2 levels, performing incident triage and root cause analysis. Use tools such as EPP/EDR/XDR software, digital forensics tools, and SIEM platforms to carry out thorough investigations.
Engage in security engineering by maintaining and improving our security operations technology stack, including next-gen SIEM and SOAR solutions. Manage the detection use case life cycle and incorporate AI into workflows to enhance automation.
Lead end-to-end incident response activities, providing guidance during investigations to drive containment, mitigation, and other security outcomes effectively.
Develop advanced security controls for cloud and container environments to detect and respond to security threats. Implement and manage cloud-native security controls such as AWS GuardDuty, Google SCC, Azure Security Centre, and CNAPP solutions.
Take charge of security projects, including Cloud Security Posture Management (CSPM), Container Security, Runtime Vulnerability Management, Threat Hunting, and Network/Endpoint/Cloud security reviews.
Demonstrate leadership skills by managing cross-functional teams and stakeholders, as well as mentoring junior security specialists.
Requirements:
5-7 years of experience in Information Security with hands-on expertise in Security Operations, Security Engineering, Digital Forensics, Incident Response, Endpoint Security, or Cloud Security.
Proficient in working with SIEM, EPP/EDR/XDR, SOAR, Cloud Security solutions, and Digital Forensics tools.
Experience in Cloud environments like AWS, Azure, and GCP, as well as Amazon EKS and Azure AKS for container orchestration.
Strong background in applying AI/ML to cybersecurity use cases and in scripting languages for automation.
Self-motivated, detail-oriented, and focused on achieving outcomes.
Excellent verbal and written communication skills in English.
Willingness to participate in on-call rotations.