Monitor and analyze alerts in EDR/SIEM platforms, identifying suspicious activities and performing initial diagnostics.
Analyze threat intelligence and anticipate potential attacks.
Respond to and contain incidents by applying mitigation measures.
Prepare reports and notifications with findings and recommendations.
Optimize detection rules and reduce false positives.
Contribute to the evolution of procedures and playbooks.
Automate tasks through scripting (PowerShell, Python, Bash).
Participate in client meetings for follow-up and support during initial deployments.

Requirements

Degree in Engineering, Cybersecurity, or equivalent training.
2 years of experience analyzing security alerts in SIEM/EDR platforms (e.g., CrowdStrike, Microsoft Sentinel, Splunk, Elastic, QRadar, Wazuh).
Knowledge of Windows and UNIX/Linux system administration.
Strong understanding of networks and protocols (TCP/IP, DHCP, DNS).
Scripting skills in Bash, Python, and PowerShell.
Analytical ability, logical thinking, and problem-solving skills.
Attention to detail, proactivity, and teamwork.
C1-level English for communication with international clients and ticket handling.
Availability for 24x7 on-call shifts.
Cybersecurity certifications and master’s degrees are a plus.

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

EDRSIEMscriptingPowerShellPythonBashnetwork protocolsWindows administrationUNIX/Linux administrationthreat intelligence analysis

Soft Skills

analytical abilitylogical thinkingproblem-solvingattention to detailproactivityteamworkcommunication

Certifications

Cybersecurity certificationsmaster's degree