Cyber Defense Engineer (Blue Team)
About this position
In this role, you will be a key person for the overall CSOC architecture design and development, including integration between the various platforms and components.
Responsibilities
• Identify, evaluate, and design new systems and technologies, providing security engineering guidance.
• Collaborate with the Threat Intelligence team to develop technical designs for CSOC use cases.
• Develop dashboards and track key performance indicators.
• Work with the security monitoring team to enhance CSOC operations and assist in incident response.
• Evaluate and select technology solutions for CSOC needs.
• Design automation and integration with other CSOC services.
• Collaborate with the CSOC Architect to test and refine the technology stack.
• Document CSOC technology architecture and deployments.
• Perform daily CSOC log management tasks, including configuration, patch management, and fine-tuning.
• Create searches, reports, dashboards, and visualizations.
• Manage all security and data stored by the CSOC.
• Implement, configure, and manage data sources.
Requirements
• Bachelor's Degree in a related field such as Information Security, Management or Computer Engineering.
• Platform-specific certification is preferred.
• Extensive experience with the design, development, implementation and management of security analytics, threat intelligence, security use case management and other CSOC and information security platforms.
• Working knowledge and expertise in various leading security technology and product e.g. Splunk, ThreatQ, FortiSOAR, Exabeam, or Sentinel.
• At least 2-10 years of relevant experience in Cyber Security, Security Architecture, with minimum of four years in the design and implementation of a SIEM.
• Experience working in a Cyber Security Operations Centre (CSOC), Managed Security Service (MSS), Cloud security, enterprise network environment.
• Excellent written and oral communication skills.
• Excellent organizational and time management skills.