Log In
Sign Up
What You’ll Do
∙Monitor, investigate, and respond to security alerts and incidents (L2/L3)
∙Lead and manage the Vulnerability Management program including asset discovery,
scanning, risk-based prioritization, remediation tracking, and reporting
∙Collaborate with IT and application teams to drive timely vulnerability remediation and
SLA adherence
∙Develop and tune SIEM use cases, correlation rules, and dashboards
∙Lead incident response: triage, containment, eradication, and recovery
∙Perform proactive threat hunting using MITRE ATT&CK and threat intelligence
∙Integrate and analyze logs from EDR, firewalls, email, VPN, SASE, cloud
∙Identify control gaps and recommend security improvements
∙Build/maintain playbooks, SOPs, and automate workflows (SOAR/scripts)
∙Participate in on-call rotation for critical incidents
Core & Must-Have Skills
∙SIEM: Splunk / Microsoft Sentinel / QRadar / ELK (use case development & tuning)
∙Incident Response & Threat Hunting: Hands-on experience in detection and
investigation
∙Vulnerability Management (Core): Strong hands-on experience in end-to-end lifecycle
including asset discovery, scanning (Qualys / Rapid7 / Nessus), risk-based prioritization,
remediation tracking, and reporting
∙SIEM: Splunk / Microsoft Sentinel / QRadar / ELK (use case development & tuning)
∙Network Security: TCP/IP, DNS, HTTP; tools like Wireshark, Zeek, Nmap
∙EDR & Email Security: CrowdStrike / Defender / SentinelOne; Proofpoint / Abnormal
∙Cloud Security: AWS / Azure / GCP security monitoring & controls
∙Scripting/Automation: Python / PowerShell / Bash
∙OS Security: Strong in Windows & Linux
∙Frameworks: MITRE ATT&CK, common attack vectors & TTPs
Good to Have
∙Malware analysis (static/dynamic)
∙SOAR platforms and automation pipelines
∙Experience with SASE, DLP, IDS/IPS
∙Exposure to forensics and APT investigations
