Lead the utilization, tuning, and administration of enterprise security tools, including endpoint protection (XDR/EDR), SIEM, vulnerability scanners, software monitoring, and threat intelligence platforms.
Develop and evolve the organization's SIEM strategy, incorporating AI/ML for advanced correlation, anomaly detection, and predictive threat intelligence to drive operational efficiency.
Develop, implement, and monitor key SIEM efficiency metrics (e.g., MTTD/MTTR).
Drive incident response efforts, coordinating with cross-functional teams (e.g., engineering, compliance, executive leadership) to contain, remediate, and conduct post-incident reviews.
Mentor cybersecurity analysts, contribute to security policy development, and identify opportunities for process improvements and AI-enhanced efficiencies.

Requirements

Hands-on experience in cybersecurity operations, with proven expertise in security tools like vulnerability scanners (e.g., Nessus), XDR/EDR (e.g., CrowdStrike, SentinelOne), and SIEM platforms (e.g., Splunk, Elastic).
Deep experience in SIEM alert triage, correlation, rule development, and strategy design, including AI/ML integration for efficiency and threat detection.
Strong foundational and advanced knowledge of operating systems (Linux/Windows), networking protocols (TCP/IP), cloud security (AWS/GCP/Azure), and information security frameworks (NIST, MITRE ATT&CK).
Exceptional analytical, problem-solving, and threat-hunting skills, with a track record of improving efficiency metrics like MTTD/MTTR through automation and AI.
Excellent verbal and written communication skills in English, including experience presenting to stakeholders and documenting incidents/reports.
Relevant certifications such as CISSP, CISM or equivalent, auditing/compliance experience (e.g., SOC 2) are highly valued.

Benefits

expansive benefit package. It covers learning, well-being, celebration, and much more — learn all about it here.

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

cybersecurity operationsSIEM strategyAI/ML integrationincident responsealert triagecorrelationrule developmentvulnerability scanningthreat detectionprocess improvements

Soft Skills

analytical skillsproblem-solving skillsthreat-hunting skillscommunication skillsmentoringcollaborationstakeholder presentationdocumentation

Certifications

CISSPCISMSOC 2