*Key responsibilities*
Security monitoring & escalations: supporting the team by investigating suspected incidents and client issues.
Threat hunting: performing scheduled structured & unstructured hunts.
R&D: researching threats & threat hunting techniques, as well as supporting development activities.
Executing additional service/solution improvement & quality assurance projects.
*Requirements*
5-9 years of recent operational security experience (SOC, incident response, IDS/IPS analysis, threat hunting, etc.).
Work experience with the ELK stack, or good experience with any SIEM tool.
Ability to investigate & correlate Sysmon & Windows event logs.
Excellent understanding of the MITRE ATT&CK framework & the OWASP Top 10.
Knowledge of network data flows, ports & protocols.
Excellent analytical skills.
Basic knowledge of the following will be an added advantage:
Malware analysis & reverse engineering.
Scripting languages such as Python, PowerShell, Bash, etc.
Adaptable/flexible & open to working rotational 24/7 shifts.
Self-motivated & able to work under minimal supervision.
Excellent interpersonal, written & verbal communication, and presentation skills.
Certification: SANS GCIH, GCIA, GCFA or GREM (good to have).
Team player.