This is a hands-on role that takes place in office environments and AWS cloud. This role entails a mix of incident response, security engineering, threat hunting, and a bit of red teaming. Your responsibility will be identifying gaps, executing new detection method, and using current tools to detect and respond to incidents. This role will offer an opportunity for you to develop tools, build modern host and network IDS system, and work with high-tech services in AWS.
Responsibilities
- Develop, test, and execute security event detection systems and technologies (SIEM; Splunk, LogRhythm, HPE, IBM).
- Develop and modulate event detection methods for network (IDS / IPS), host, and application layers.
- Search for threats, investigate security events, and handle incidents.
- Vulnerabilities analysis and mitigation.
- System forensics.
- Adhoc.
Who you are
- 4+ years of experience in SOC.
- Strong knowledge and experience in networking, incident response, security engineering, or threat hunting.
- Able apply security flaws to simulate attacks.
- Ability to script in one or more programming languages (Go, Ruby, Python or Java).