We are currently seeking a seasoned Senior Threat Detection & Response Engineer to join our cybersecurity operations team. This pivotal role offers a unique opportunity for an experienced professional passionate about Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) to lead and shape our detection and response capabilities.

• Lead the development and implementation of advanced detection logic, leveraging SIEM and EDR tools, to effectively identify and respond to evolving cyber threats.
• Stay abreast of the latest security industry trends, emerging threats, and innovative mitigation techniques to continuously enhance our cybersecurity posture.
• Drive regular threat hunting initiatives and actively participate in purple team exercises to refine and mature our detection capabilities.
• Collaborate closely with key stakeholders to define, refine, and operationalize use cases within our SOAR platform, ensuring seamless orchestration and automation of security workflows.
• Forge strategic partnerships with vendors to explore and integrate cutting-edge technologies that align with our cybersecurity objectives and enhance our detection and response capabilities.
• Assist with the administration and optimization of our SIEM and SOAR systems, ensuring their effectiveness in detecting and responding to security incidents.
• Participate in the review of threat intelligence reports to assess their relevance to the organization and propose suitable actions.
• Contribute to the development and maintenance of comprehensive technical documentation and Standard Operating Procedures (SOPs) to ensure consistent and effective response procedures.
• Mentor and coach junior team members, fostering a culture of knowledge sharing and professional development within the cybersecurity operations team

Qualifications:

* Minimum 7 years experience in Information Security, with a strong focus on threat detection and incident response.
* Bachelor's degree in Information Technology, Computer Science, or a related field is preferred, although equivalent work experience and industry certifications will be considered.
* Extensive experience in creating detection logic, SIEM rules, and custom detections within EDR tools, with proficiency in platforms such as CrowdStrike (EDR) and Elastic (SIEM) highly desirable.
* Demonstrated expertise in automating security processes using SOAR tools, with hands-on experience in platforms like Cortex XSOAR considered a significant advantage.
* Proficiency in scripting languages such as PowerShell and Python for integrating and customizing security tools and workflows.
* Passion for continuous improvement and a collaborative mindset, with a drive to share knowledge and contribute to the growth of the team.
* Excellent problem-solving skills and the ability to develop creative solutions to complex cybersecurity challenges.
* Relevant security certifications such as Security+, CISSP, or GIAC certifications are a strong plus, reflecting a commitment to professional development and expertise in the field.