- Active participant in the 24/7 Blue Team operation.
- Take ownership of the team’s infrastructure, making sure it is up to date and operating as expected.
- Be involved in the evaluation and design of new tools.
- On-board security log data and tune the SIEM platform.
- Extend functionality of tools by deploying API integrations and automation tasks.
- Develop detection strategies and deploy alerting to identify malicious activity.
- Assist with the team’s main responsibilities by contributing during triage and incident response.
- Participate in and lead training activities, working groups and knowledge sharing with other members in the team.
- Proven experience as an engineer working with cyber security related infrastructure and tooling.
- Experience implementing and/or operating a SIEM.
- Background in engineering disciplines such as DevOps, cloud technologies, infrastructure as code, CI/CD and API integrations.
- Experience with scripting languages, data processing and task automation.
- Understanding of the cyber threat landscape and adversary tactics is an advantage.
- Good documentation and communication skills.
To apply for this job please visit jobs.lever.co.