Related skills
azure aws python gcp siem

Description
- Incident triage and investigation of alerts from SIEM/EDR/CSPM
- Analyze incidents across AWS, Azure, GCP to map attacker activity
- Run and tune SOAR playbooks; isolate hosts; block malicious IPs/domains
- Use Python scripts to automate evidence collection and enrichment
- Document investigation steps in the incident management system
- Threat hunting and cloud monitoring; escalate when needed
Requirements
- Bachelor's degree in CS/Security or equivalent practical exp.
- Willingness to work 24/7 rotational shifts.
- 4-6 years in Security Operations with L2 capabilities.
- Cloud and container security: AWS/Azure/GCP hands-on; container security.
- SIEM/EDR expertise: CrowdStrike, Splunk, QRadar, Azure Sentinel.
- SOAR/AI familiarity and MITRE ATT&CK mapping.
Benefits
- Be at the forefront of a modern cloud-focused SOC.
- Hands-on with cloud security, automation, and threat intel.
- Clear career path to L3, threat hunting, or automation roles.
- Collaborate with top security and engineering leaders.