If you're proficient in technologies such as CrowdStrike, Splunk, AWS, and Azure, and thrive in collaborating with engineering teams up to management level, we want to hear from you! The organisation has a focus on innovation and continuous improvement and strives to create a secure and resilient environment for its customers and employees. As a principal SOC SME, you will play a crucial role in safeguarding the systems and data against evolving cyber threats. Your responsibilities will include:
- SOC SME for all the relevant related projects
- Assist in identifying and uplifting controls to prevent, detect and respond to security incidents
- Develop Splunk-based detections for attacker TTPs and security alerts, along with playbooks for triage and response
- Maintain a future view of the critical systems to monitor and ensure adequate logs are collected to support a pipeline of detection development
- Work closely with Threat Management to understand IoCs collected from threat intelligence
- Work closely with Security Engineering to design meaningful alerts based on IoCs
- Assist in identifying potential trends in events, alerts and incidents.
- Provide input into Incident Handling documentation, including processes and playbooks, and ensure they are adopted across the organisation
- Participate in PIRs
- Drive efficiencies through process improvement, automation and tooling
- Encourage continual innovation to increase visibility and reduce incident identification time
- Collect and maintain detection metrics on a regular basis
- At least 6+ years of SOC and security experience
- Must have solid experience working in a Principal or Lead capacity
- Proven experience with tools such as CrowdStrike, Splunk, AWS, and Azure.
- Proven experience managing significant incidents
- Strong hands-on experience in SOC operations and all stages of incident response
- Deep expertise across either incident response or detection engineering plus the ability to work across both
- Working knowledge of the kill chain methodology
- Ability to communicate effectively with technical teams and senior management stakeholders.