Lead / Principal Technical Cyber Engineer Join a dynamic team as a Security Operations Center (SOC) Tech Lead, where you'll spearhead the enhancement and optimization of security monitoring capabilities while mentoring analysts to foster a culture of continuous improvement.
Responsibilities
Lead the architecture and optimization of core SOC platforms, including SIEM, SOAR, and threat intelligence tools.
Design and oversee data ingestion processes, ensuring log sources are parsed and enriched for analysis.
Develop and maintain detection rules and threat scenarios against SIEM and EDR platforms.
Define fidelity standards for alerts, tuning rules to reduce false positives while ensuring true positive detection.
Drive the creation of SOAR playbooks for incident triage and escalation, establishing engineering standards for playbook functionality.
Conduct post-incident reviews to identify gaps in detection and reinforce monitoring methods.
Mentor analysts on detection...