Related skills: cloud security, SIEM, EDR, IAM, SOAR
Description
- Lead complex investigations and containment for high-severity SOC incidents.
- Own high-severity alerts and perform technical triage through containment.
- Coordinate with Incident Response, Cloud/Platform, Identity, and Engineering teams.
- Tune detections and refine playbooks to improve SOC quality.
- Mentor Level 1 analysts and drive post-incident learnings into better controls.
- Collaborate on cross-team investigations and ensure timely case documentation.
Requirements
- 2-5+ years of SOC/IR/SecOps experience.
- Strong ability to investigate security incidents across cloud, endpoint, identity, and network sources.
- Proficiency with SIEM and common SOC tools (Splunk/Elastic/Sentinel, CrowdStrike/Defender).
- Ability to write clear incident documentation: timelines, scope, impact, containment, remediation.
- Comfort operating in an on-call or shift environment.
- Nice to Have: Detection engineering; DFIR fundamentals; Kubernetes logging.