Lead and support advanced SOC investigations, incident response activities, and Tier-3 escalations, providing deep technical analysis of security alerts, anomalous behavior, and suspected malicious activity
Perform proactive threat hunting activities across enterprise security telemetry including SIEM, EDR, identity, network, and cloud logs to identify previously undetected or emerging threats
Analyze attacker behaviors and intrusion patterns to develop threat hunting hypotheses and detection strategies aligned with the MITRE ATT&CK framework
Investigate complex security alerts and incidents, performing log analysis, endpoint analysis, and timeline reconstruction to determine root cause, scope, and impact
Leverage internal telemetry, alerts, and IOC trends to identify threat patterns targeting the organization and opportunities for improved detection coverage
Enhance threat detection and response capabilities by supporting the development and improvement of SOC detection logic, response procedures, escalation playbooks, and analyst decision trees
Conduct proactive analysis of alert trends to identify gaps in detection coverage and recommend new or improved monitoring capabilities
Utilize Cyber Threat Intelligence (CTI) sources to contextualize incidents, inform threat hunting efforts, and prioritize investigations
Monitor open-source, closed-source, and vendor-provided threat intelligence to stay abreast of emerging threats, vulnerabilities, and adversary tactics relevant to the organization
Develop and maintain profiles of relevant threat actors, including tactics, techniques, and procedures (TTPs), and incorporate those insights into threat hunting and detection strategies
Assist in SOC and Incident Response escalations, providing technical expertise and investigative support during security incidents
Conduct threat, risk, and vulnerability assessments to provide actionable remediation and security control improvement guidance
Collaborate with the Red Team and Cyber Incident Management to support red team exercises, incident response training, tabletop exercises, and detection validation
Perform targeted access reviews and anomaly analysis across enterprise systems (Windows, Linux, databases, network infrastructure, cloud platforms) to identify suspicious activity
Collaborate with DLP and other security teams on insider risk investigations and monitoring initiatives
Contribute to the development and improvement of SOC procedures, threat hunting methodologies, and intelligence-driven detection processes
Collaborate with relevant stakeholders on security awareness messaging and threat awareness related communications

Requirements

Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related field
5+ years of experience in Security Operations, Incident Response, Threat Hunting, Detection Engineering, and/or related cybersecurity roles
Strong SOC experience investigating security alerts, performing incident response, and log analysis
Hands-on experience working with SIEM, EDR, and other enterprise security monitoring tools
Familiarity with the MITRE ATT&CK Framework and attacker TTP analysis
Excellent collaboration and communication skills, particularly in high-stress situations
Ability to produce clear technical and operational reporting for both technical teams and leadership
Strong analytical skills and priority management

Benefits

Base salary
Discretionary bonuses
Profit-sharing
Long-term savings
Healthcare
Income protection
Professional development opportunities
Time off

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

incident responsethreat huntinglog analysisendpoint analysisvulnerability assessmentsdetection engineeringsecurity alert investigationanomaly analysisthreat detectionroot cause analysis

Soft Skills

collaborationcommunicationanalytical skillspriority managementtechnical reportingleadershipproblem-solvingadaptabilityteamworkstress management