Key Responsibilities

Lead investigations of high-severity incidents including root cause analysis and containment strategies.
Perform root cause analysis and recommend containment, eradication and recovery actions.
Perform proactive threat hunting and detection engineering aligned to MITRE ATT&CK.
Develop, fine-tune and validate SOC detection use cases, dashboards and automation playbooks.
Engage directly with customers during incident response and regular security reviews.
Provide clear and concise incident reports including technical analysis and recommendations.
Provide technical guidance and mentorship to Tier 1 analysts.
Collaborate with consulting, engineering and threat intelligence teams for service improvements.
Contribute to compliance and regulatory reporting (e.g. MAS TRM, PCI DSS, ISO 27001)
Stay up to date with emerging threats, attack vectors and security technologies.
Contribute to SOC knowledge base, playbooks and best practices.
Participate in red team / blue team exercises and cross-training.

Qualifications

Bachelor’s degree in Information Security, Computer Science or equivalent professional experience.
3-5 years of SOC, incident response or threat hunting experience.
Strong hands-on knowledge of SIEM (Splunk, Sentinel, Cortex, XSIAM), SOAR and EDR/XDR platforms.
Familiarity with cloud security monitoring (AWS, Azure, GCP) and IoT/OT threat detection.
Knowledge of malware analysis, phishing detection and insider threat scenarios.
Familiarity with frameworks like MITRE ATT&CK, MITRE D3FEND and NIST CSF.
Preferred certifications: GCIA, GCIH, GCFA, GREM, CISSP or vendor-specific certifications (e.g Palo Alto, CrowdStrike, Microsoft, Fortinet)
Strong analytical and problem-solving skills with ability to work under pressure.
Excellent customer communication and report writing skills.
Ability to work in a 24x7 shift environment.
Team oriented, adaptable and eager to learn in a fast-paced environment

CYBER SECURITY CONSULTANT