Location: AUSTIN, TX, 78744, United States
Job Summary:
1. Job Duties and Scope:
- Monitor and triage security alerts in cybersecurity tools (SIEM, EDR).
- Assess alerts to identify false positives vs. those needing investigation.
- Lead investigations, analyze incidents, and provide remediation recommendations.
- Document incident response activities and collaborate on playbook updates.
- Work with cross-functional teams to communicate technical information.
- Optimize alert tuning and enhance security analytics processes.
- Utilize SOAR platforms for incident response automation.
- Mentor and train junior staff; stay updated on cybersecurity trends.
2. Required Skills:
- Proficiency in security technologies (SIEM, IDS/IPS, EDR).
- Strong analytical and problem-solving abilities.
- Excellent verbal and written communication skills.
- Ability to work independently and collaboratively.
- Quick learner capable of adapting to different roles.
3. Required Experiences:
- Bachelor's degree in Computer Science, Cybersecurity, or related field (or equivalent experience).
- 3+ years of experience in an enterprise-level SOC.
- Familiarity with enterprise ticketing systems (e.g., ServiceNow).
- Certification in incident handling or willingness to obtain one.
Job URLs: