Threat Detection Engineer
Location:
US-TX-San Antonio
Jobcode:
3604607
Requirements and responsibilities:

- 5+ years of information security related experience, in areas such as: security operations, incident analysis, incident handling, vulnerability management or testing, system patching, log analysis, intrusion detection, or security device administration.
- Create use cases for various threat actors / scenarios.
- Create use cases for the entire MITRE ATT&CK framework.
- Convert HX use cases into Sysmon detections.
- Maintain and tune high fidelity, low noise alerts to effectively identify and prioritize critical issues, minimizing false positives and enhancing the overall security posture.
- Develop and maintain high-quality threat detection rules, queries, and alerts based on identified use cases, threat scenarios, and structured threat intelligence.
- Monitor and respond to web application firewall alerts.
- Conduct regular reviews and assessments of detection rules and automated workflows to ensure optimal performance, effectiveness, and accuracy.
- Proficiency in SIEM tools, e.g. Splunk, including rule creation, query writing, and alert management.
- In-depth packet analysis skills, core forensic familiarity, incident response skills, and data fusion skills based on multiple security data sources.
- Scripting and automation.
- System administration on Unix, Linux, or Windows.
- Network forensics, logging, and event management.
- Defensive network infrastructure (operations or engineering).
- Vulnerability assessment and penetration testing concepts.
- Malware analysis concepts, techniques, and reverse engineering.
- In-depth knowledge of network and host security technologies and products (such as firewalls, network IDS, scanners), and continuously improve these skills.
- Familiarity with common cybersecurity frameworks such as NIST, or other leading practices, and industry standards.
- Relevant security certifications such as CISSP, GCIH, GCIA, or similar are highly desirable.

KK Associates
