Key skills
CloudCyber SecurityIAMSumo LogicCloudflareCollaborationCloud SecurityZero Trust
About this role
Role Overview
- Monitor and investigate security alerts using SIEM platforms (preferably Sumo Logic), performing threat analysis and incident triage across endpoints, networks, and cloud environments
- Operate and tune endpoint detection solutions like CrowdStrike, while supporting Zero Trust Network Access and cloud security solutions including Cloudflare
- Execute full incident response activities from containment through post-incident analysis, continuously improving our response procedures and playbooks
- Fine-tune alerts, correlation rules, and detection logic to reduce false positives and enhance our signal-to-noise ratio
- Develop and maintain SIEM dashboards, detection use cases, and operational reporting while creating comprehensive SOC documentation
- Support security audits and compliance activities, working closely with IAM teams
Requirements
- Extensive hands-on experience in Security Operations Center environments with strong practical SIEM platform knowledge, ideally Sumo Logic
- Proven experience with endpoint protection/EDR tools (preferably CrowdStrike) and solid understanding of ZTNA and cloud security solutions
- Strong knowledge of Identity and Access Management concepts with practical Data Loss Prevention experience
- Demonstrated ability to improve alert quality through noise reduction and use-case optimization, plus strong incident handling and threat analysis skills
- Good working knowledge of security frameworks including ISO/IEC 27001, NIST Cybersecurity Framework, and PCI DSS
- Professional English proficiency with strong analytical mindset and ability to work effectively under pressure during security incidents
Tech Stack
- Cloud
- Cyber Security
Benefits
- Equal Opportunities Statement
- Collaboration and professional growth opportunities
- Strong access management and data protection controls