
Security Operations Engineer
Calendly
full-time
Location Type: Remote
Location: United States
Salary
💰 $155,763 - $219,901 per year
About the role
- Collaborating with Security Operations Center (SOC) team members to monitor, detect, and respond to cybersecurity threats in a timely manner.
- Responding to cybersecurity incidents from identification through resolution.
- Developing and maintaining up-to-date knowledge of the threat landscape, as well as advancements in cybersecurity technologies and methodologies.
- Identifying, configuring and onboarding security telemetry sources/logs in support of threat detection and incident response.
- Collaborating with Engineering and SRE to identify and mitigate logging deficiencies.
- Developing new detection scenarios and queries to broaden and deepen the team’s detection coverage.
- Tuning and continuously improving existing detection queries to increase signal-to-noise ratio and ensure our detections remain relevant and functional.
- Executing and improving incident response protocols and procedures to swiftly and effectively manage security incidents.
- Identifying, developing and maintaining automation solutions to increase the efficiency and effectiveness of the team.
- Integrating various security and IT tools to enhance threat detection, incident response, and operational efficiency.
- Conducting regular security assessments, threat hunts, and continuous monitoring to identify vulnerabilities, opportunities for posture enhancements and better incident preparedness.
- Collaborating with Engineering, IT and other departments to support the implementation and evangelization of established cybersecurity best practices across the organization.
- Leveraging JIRA for creating and managing dashboards, reports, and metrics that support cybersecurity operations and decision-making.
Requirements
- A minimum of 3 years of experience in cybersecurity, with at least 2 years dedicated to security operations, a SOC environment and enterprise security.
- Demonstrated experience in incident response, including developing and implementing incident response playbooks and procedures, acting as incident commander on low severity incidents, and conducting post-incident analysis.
- Experience with JIRA or similar tools for creating dashboards, managing reports, and automating workflows to support cybersecurity operations.
- Proven track record in threat detection.
- Strong knowledge in operating and configuring SIEM tools (e.g., Splunk, ELK) for real-time threat monitoring and analysis.
- Solid understanding of security technologies such as EDR (Endpoint Detection and Response), firewalls, and vulnerability scanners.
- Demonstrated track record of automating SOC processes, enhancing threat detection, or streamlining incident response using Python.
- Proficient knowledge of threat actor behaviors, techniques and tools.
- Experience investigating security events on macOS, Linux and Windows systems.
- Experience investigating security events in cloud environments including AWS and/or GCP.
- Authorized to work lawfully in the United States of America as Calendly does not engage in immigration sponsorship at this time.
Benefits
- Top Performer Bonus program
- Equity awards
- Competitive benefits
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
cybersecurity, incident response, threat detection, SIEM, Splunk, ELK, EDR, Python, vulnerability scanning, cloud security
Soft Skills
collaboration, communication, problem-solving, analytical thinking, incident management, automation, adaptability, teamwork, leadership, organizational skills