
We are seeking an experienced (Middle+) Cyber Threat Detection & Response Engineer to join our cybersecurity team. The selected candidate will provide incident response services, including advanced investigation, containment, remediation, and coordination across stakeholders.
Duties:
- Act as a SOC analyst, investigate and analyze security incidents escalated from L1/L2, including malware, phishing, and suspicious behavior across endpoint, network, or cloud environments.
- Perform containment and remediation actions in coordination with senior analysts or incident response leads.
- Contribute to the development and tuning of detection logic (e.g., SIEM correlation rules).
- Support root cause analysis and assist with post-incident documentation and reporting.
- Participate in refining incident response procedures and updating playbooks.
- Collaborate with Threat Intelligence, Red Team, and other cybersecurity teams to enrich incident context and improve detection capabilities.
- Stay informed on current threats, attack techniques (e.g., MITRE ATT&CK), and security tools.
Competencies:
- 3+ years of hands-on experience in a SOC or incident response role.
- 5+ years total in cybersecurity.
- Strong understanding of cybersecurity fundamentals, attack vectors, and the incident lifecycle.
- Demonstrated experience investigating and responding to security incidents in enterprise environments.
- Skilled in event triage, basic malware analysis, threat hunting, and forensic techniques.
- Proficient with SIEM platforms (e.g., Splunk, QRadar, Sentinel) and EDR tools (e.g., CrowdStrike, Defender for Endpoint).
- Comfortable analyzing logs from endpoints, servers, network devices, and cloud platforms.
- Working knowledge of SOAR tools, scripting (Python, PowerShell), and core networking protocols (TCP/IP, DNS, HTTP/S).
- Familiarity with cloud security monitoring (AWS, Azure, or GCP).
- Understanding of MITRE ATT&CK and incident handling frameworks like NIST or ISO 27035.
- Strong analytical thinking, attention to detail, and clear written communication.
Nice to have:
- Relevant certifications (e.g., CySA+, GCIA, GCIH, GREM).
We have over 30 years of experience in providing comprehensive solutions in various industries. During this time, we have achieved success in over 2,000 projects and established development centers in several countries in Europe, the United States, Africa, and Asia. IBA Group develops and integrates custom software, implements proprietary and vendor solutions, and offers technical support and consulting. Fundamental areas: mainframe software, corporate and mobile applications, web, SAP and other ERP, BI, and IBM Tivoli systems.