Monitor security alerts, logs, and events via SIEM tools (Splunk, QRadar, Sentinel, etc.).
Perform initial triage, investigation, and classification of potential security incidents.
Detect and analyze malicious activities such as malware, phishing, intrusions, and suspicious behavior.
Escalate critical incidents to L2/L3 teams and participate in incident response activities.
Create incident tickets, maintain documentation, and update case notes.
Conduct threat analysis and research on emerging cyber threats.
Analyze network traffic, endpoint logs, firewall rules, and system behavior to identify anomalies.
Assist in tuning SIEM rules, use cases, and alert thresholds.
Collaborate with IT, security, and management teams to ensure timely mitigation of risks.
Participate in the creation of playbooks, runbooks, and SOC standard procedures.
Required Qualifications
Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or equivalent experience.
3-5 years of experience in a SOC or cybersecurity role (for L1/L2 positions).
Hands-on experience with SIEM tools (Splunk, QRadar, Microsoft Sentinel, ArcSight, etc.).
Strong understanding of network security, firewalls, IDS/IPS, endpoint security, and VPNs.
Knowledge of common attack vectors, malware behavior, and threat hunting techniques.
Familiarity with security frameworks (MITRE ATT&CK, NIST, ISO 27001).
Ability to analyze logs from servers, endpoints, applications, and network devices.
Job Type: Full-time
Pay: $50,362.37-$108,614.57 per year
Beware of fraud agents! Do not pay money to get a job.
MNCJobz.com will not be responsible for any payment made to a third-party. All Terms of Use are applicable.