Key skills
Cyber SecurityLinuxCritical Thinking
About this role
Role Overview
- Monitor and triage security alerts.
- Build, test, and refine detections to enhance threat identification across Mac, Linux, and Windows systems.
- Conduct in-depth analysis of security incidents, including malware, phishing, and advanced persistent threats, leveraging SIEM and EDR capabilities.
- Perform proactive threat hunting using the SIEM and EDR features.
- Investigate and respond to incidents swiftly, following established incident response protocols.
- Document findings clearly and provide actionable remediation recommendations.
- Collaborate with cross-functional teams to strengthen security controls and mitigate vulnerabilities.
- Stay current on emerging threats, vulnerabilities, and industry trends through self-directed learning.
- Participate in on-call rotation for 24x7x365 SOC coverage, demonstrating reliability and accountability.
- Escalate confirmed or suspicious incidents and cases to the Incident Response team.
Requirements
- 4-5+ years in a SOC and or active participant on incident response teams.
- Hands-on experience with CrowdStrike (or other EDR), triaging security incidents.
- Proven ability to write CQL (or similar) queries and build detections for threat monitoring.
- Experience triaging alerts in a high-volume environment.
- Experience with threat intelligence feeds, platform and OSINT tools (VirusTotal, etc.)
- Familiarity with forensic analysis and evidence handling.
- Exceptional critical thinking and analytical skills to address complex security challenges.
- Self-starter with a proven ability to take initiative and deliver results independently.
- Strong understanding of cybersecurity principles, threat landscapes, and attack vectors.
- Proficiency in analyzing logs, network traffic, and endpoint data using CrowdStrike Next-Gen SIEM, particularly for Mac and Linux systems (Windows experience a plus).
- Solid knowledge of incident response processes and methodologies.
- Familiarity with operating systems, with primary expertise in Mac and Linux, and secondary knowledge of Windows.
- High attention to detail and ability to make sound decisions under pressure.
- Demonstrated commitment to continuous learning and professional development in cybersecurity.
Tech Stack
- Cyber Security
- Linux
Benefits
- Employee will have the option to work remotely.