Job Description
Role Overview:
Utilising knowledge of security operations, incident response, and detection engineering, you will be responsible for the delivery of SIEM detections and security automations.
The successful candidate will be proficient in automation and orchestration tools (e.g., SOAR platforms, scripting languages like Python, PowerShell) and have experience with integrating security tools (e.g., SIEM, EDR, firewalls) APIs, and Case Management tools for data enrichment.
Responsibilities:
1. Build security automations, logging, and SIEM detections to improve the CDO's efficiency, scalability, and incident response capabilities.
2. Design, implement, and maintain automated workflows and playbooks to streamline CDO operations, including incident response, threat hunting, cyber threat intelligence and vulnerability management.
3. Collaborate with CDO analysts to identify repetitive tasks and automate them to improve operational efficiency.
4. Collaborate with Threat Intelligence, Incident Response, and Attack Surface Management to build and tune robust SIEM detections for both proactive and reactive response actions.
5. Continuously evaluate automation solutions for performance, reliability, and scalability, making improvements, as necessary.
6. Collaborate with third-party vendors and service providers to leverage automation opportunities and ens...