Job Description

Job Summary + Role Specification: 

This position is with a leading industry organization, offered under direct payroll.
Mid-level role focused on incident investigation, correlation, and response, working across SIEM, EDR, and threat intelligence platforms.

📄 Job Description:

• Perform deep-dive incident investigations 
• Correlate logs across SIEM, EDR, and network tools 
• Execute incident response and containment actions 
• Tune SIEM detection rules and alerts 
• Conduct threat hunting (basic to intermediate) 
• Integrate threat intelligence feeds 
• Support forensic analysis for incidents 
• Improve detection use cases 

🎯 Roles & Responsibilities

• Investigate escalated alerts from L1 
• Analyze suspicious activities across systems 
• Perform containment (block IP, isolate endpoints) 
• Create and tune SIEM rules 
• Document incidents and RCA reports 
• Collaborate with IT and security teams 

🧠 Skills & Technologies

Security Ops: Incident Response, Threat Analysis
Tools: Splunk, Sentinel, QRadar, CrowdStrike, Defender
Cloud: AWS Security Hub, Azure Security Center
Networking: TCP/IP, DNS, SSL, Firewall rules
Scripting: Python, PowerShell
Frameworks: MITRE ATT&CK, NIST

✅ Eligibility Criteria

• 3–5 yrs SOC or security operations experience 
• Strong SIEM, EDR, and log analysis skills 
• Experience in incident handling 
• Bachelor’s degree required 
• Certifications: CEH, GCIH (Preferred)