Related skills: aws, cloud security, incident response, siem, edr

📋 Description
- Security monitoring and alert triage: review SIEM/EDR alerts and prioritize incidents.
- Incident response and containment: investigate incidents, isolate systems, eradicate threats.
- Threat detection and use-case tuning: create and tune detection rules to reduce false positives.
- Threat intelligence ingestion and analysis: consume intel feeds and operationalize detections/blocks.
- Endpoint security operations: manage EDR agents, respond to endpoint alerts, live response/forensics.
- Identity and access monitoring: detect suspicious logins, privilege escalation, lateral movement.
🎯 Requirements
- Bachelor's degree in CS/Info Security; advanced degree preferred.
- Minimum 8 years of experience in information security focusing on SOC, IR, and threat hunting.
- Knowledge of MITRE ATT&CK, NIST SP 800-61, and other security frameworks.
- Extensive experience with SIEM and EDR platforms; log ingestion and detection tuning.
- Cloud experience with AWS; GuardDuty, CloudTrail, Security Hub; cloud threat investigations.
- Experience developing Incident Response playbooks, runbooks, and SOPs.
- Strong communication and analytical skills; forensics and root-cause analysis.
- Certifications such as CompTIA Security+, CISSP, AWS Security - Specialty are desirable.