Company Description
BETSOL is a cloud-first digital transformation and data management company offering products and IT services to enterprises in over 40 countries. The BETSOL team holds several engineering patents, has been recognized with industry awards, and maintains a net promoter score that is 2x the industry average.
BETSOL Global IT Services (BETSOL.com) builds and supports end-to-end enterprise solutions, reducing time-to-market for its customers. We take pride in being an employee-centric organization, offering comprehensive health insurance, competitive salaries, volunteer programs, and scholarship opportunities.
Job Description
This role will monitor, detect, analyze, and respond to security threats across the enterprise environment. You will work closely with threat intelligence, incident response, and engineering teams to protect the infrastructure, data, and customers. The ideal candidate has solid SOC experience, a strong technical foundation in security tooling, and a proactive mindset toward identifying and mitigating risk.
Responsibilities:
- Monitor security events and alerts across SIEM, EDR, IDS/IPS, and cloud security platforms in real time
- Triage, investigate, and respond to security incidents following established incident response procedures and playbooks
- Perform root-cause analysis on security events and document findings, containment actions, and remediation steps
- Develop, tune, and maintain detection rules, correlation queries, and alerting logic to reduce false positives and improve signal fidelity
- Conduct threat hunting activities using threat intelligence feeds, MITRE ATT&CK framework, and behavioral analytics
- Collaborate with IT, DevOps, and infrastructure teams to remediate vulnerabilities and harden systems and configurations
- Manage and operate security tools including SIEM (Splunk, Microsoft Sentinel, or similar), EDR (CrowdStrike, SentinelOne, or similar), and vulnerability management platforms
- Support the development and continuous improvement of security operations runbooks, playbooks, and standard operating procedures
- Participate in tabletop exercises, red team/blue team engagements, and incident simulations
- Track and report on security metrics, key risk indicators (KRIs), and SOC performance to leadership
- Assist with forensic investigation of compromised endpoints, accounts, or network segments
- Stay current on the evolving threat landscape and proactively share intelligence with the security team
Qualifications
- 3–5 years of experience in a Security Operations, SOC Analyst (Tier 2/3), or Security Engineer role
- Hands-on experience with SIEM platforms such as Splunk, Microsoft Sentinel, IBM QRadar, or similar
- Experience with EDR/XDR tools such as CrowdStrike Falcon, SentinelOne, Microsoft Defender for Endpoint, or Carbon Black
- Solid understanding of network security concepts including firewalls, IDS/IPS, proxies, DNS security, and network traffic analysis
- Familiarity with cloud security monitoring for AWS, Azure, or GCP environments (CloudTrail, Security Hub, Defender for Cloud)
- Working knowledge of the MITRE ATT&CK framework and its application to detection engineering and threat hunting
- Experience with vulnerability management tools such as Tenable Nessus, Qualys, or Rapid7 InsightVM
- Proficiency in scripting (Python, PowerShell, Bash) for automation of security tasks, log parsing, and alert enrichment
- Understanding of incident response lifecycle, digital forensics fundamentals, and chain-of-custody procedures
- Knowledge of security frameworks including NIST CSF, CIS Controls, and ISO 27001
- Experience with ticketing and SOAR platforms (Splunk SOAR, Palo Alto XSOAR, ServiceNow SecOps) for case management and automation
- Strong analytical skills with the ability to synthesize large volumes of data into actionable findings
- Excellent written and verbal communication skills; ability to convey technical findings to both technical and non-technical audiences
- Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, or a related field
- Certifications such as CompTIA CySA+, GIAC GCIA, GIAC GCIH, CEH, or Microsoft SC-200 preferred
- Experience with threat intelligence platforms (TIPs) and indicator-of-compromise (IOC) management is a plus
Additional Information
All your information will be kept confidential according to EEO guidelines.