Job Description

Key Responsibilities

Security Monitoring & Incident Response

• Monitor network traffic, system logs, and security alerts using Splunk and other SIEM tools to identify suspicious activities
• Investigate, triage, and respond to security incidents (e.g., malware, breaches) by following established protocols to contain and mitigate risks
• Document incidents, response actions, and post-incident analysis for compliance and future reference

Automation & Tool Management

• Develop Python scripts to automate security tasks such as log analysis, vulnerability scanning, and threat detection
• Optimize Splunk dashboards, queries, and alerts to improve threat visibility and reduce false positives
• Manage security tools (e.g., SIEM, IDS/IPS) and integrate Python-based solutions to streamline workflows

Threat Intelligence & Collaboration

• Stay updated on emerging threats and vulnerabilities, incorporating threat intelligence into monitoring and response strategies
• Collaborate with cross-functional teams (e.g., incident responders, engineers) to resolve complex security issues

Required Skills & Qualifications

• 2+ years of experience in a SOC or related cybersecurity role.
• Proficiency in Splunk for log analysis, alert creation, and dashboard customization
• Strong Python scripting skills for automating tasks (e.g., log parsing, network scanning) and building security tools
• Knowledge of incident response frameworks, network protocols, and security technologies (e.g., firewalls, IDS/IPS)
• Familiarity with compliance standards (e.g., GDPR, HIPAA) and security best practices
• Certifications such as CompTIA Security+, CEH, or Splunk Certified User (preferred).

Preferred Qualifications

• Experience with threat-hunting methodologies and proactive vulnerability assessments
• Knowledge of frameworks like MITRE ATT&CK and tools such as Scapy or Volatility
• Familiarity with cloud security environments and DevOps integration.

Job Tags

Similar Jobs