Related skills: Python, MITRE ATT&CK, CrowdStrike, KQL, Palo Alto XSIAM

Description
- Monitor SIEM, EDR, NDR, and cloud tooling for alerts and IOCs
- Triage escalations from the third-party SOC provider
- Proactive threat hunting using intel feeds and MITRE ATT&CK
- Lead containment, eradication, and recovery for incidents
- Write incident reports with timeline, impact, and root cause
- Analyze malware samples, phishing campaigns, and endpoint artifacts
Requirements
- 2+ years of hands-on SOC or IR experience
- Proficiency with SIEM (Palo Alto XSIAM preferred)
- Experience with EDR/XDR tooling (CrowdStrike, SentinelOne)
- Triaging alerts including phishing, malware, lateral movement
- Understanding of TCP/IP, DNS, HTTP/S, and attack patterns
- Read/write basic scripts or queries (Python, Bash, KQL, SPL)
Benefits
- Competitive salary & equity
- Unlimited PTO
- Full Health, Vision, & Dental coverage
- 401k match
- Hardware setup: MacBook Pro, big display, accessories