Related skills: aws, gcp, splunk, sentinel, crowdstrike, falcon
Description
- Monitor and triage security alerts across SIEM, EDR, cloud security, and identity platforms.
- Perform initial investigation on escalated events, collecting evidence across log sources.
- Execute containment and remediation actions under defined escalation thresholds.
- Maintain accurate incident documentation in the tracking system.
- Contribute to YARA-L rule development and IOC correlation in threat intel feeds.
- Triage cloud security findings and investigate identity anomalies (MFA/logins) in cloud environments.
Requirements
- 2-4 years of SOC, incident response, or security operations experience
- Bachelor's degree (B.Tech) from a Tier 1 or Tier 2 institution
- Hands-on experience with a SIEM platform (Chronicle, Splunk, Sentinel, or equivalent)
- Familiarity with EDR tooling (CrowdStrike Falcon preferred)
- Foundational understanding of cloud security concepts across AWS or GCP
- Working knowledge of identity threat patterns (credential stuffing, MFA fatigue)
- Ability to read and interpret logs: authentication, network, endpoint, and cloud audit trails
- Scripting proficiency in Python or similar for basic automation and log parsing
Benefits
- Equal opportunity employer
- Reasonable accommodation for qualified employees