Job Description

Responsibilities:
Handle and investigate incidents escalated from Tier 1.
Optimize attack detection rules on Splunk and WAF systems.
Develop new security playbooks for SIEM based on emerging attack patterns.
Analyze and assess incoming security logs and define log requirements for the SOC.
Collaborate with the CERT team to identify root causes of incidents.

Requirements:
Minimum of 4 years of experience working in a SOC environment.
Bachelor’s degree in an IT-related field is required.
Strong proficiency in Splunk SIEM.
Full understanding of the MITRE ATT&CK framework.
Hands-on experience with at least one security platform (WAF, Firewall, or IPS).
Proficiency in analyzing Windows and Linux logs.
Familiarity with Linux operating systems.
Ability to be On-Call when required.
Availability to work during nighttime hours in emergency situations (no fixed night shifts).
