5+ years of experience in a Security Operations Center (SOC) environment, with hands-on work in detection engineering, incident response, or security monitoring.
3+ years in a client-facing pre-sales, solution architecture, or security consulting role.
Strong knowledge of SIEM (e.g., Splunk, Elastic, Sentinel, Google SecOps), SOAR, EDR, XDR, and log management technologies.
Experience designing or optimizing SOC services such as threat detection engineering, alert tuning, threat hunting, incident triage, and response processes.
Ability to translate business requirements into technical security solutions.
Familiarity with cybersecurity frameworks such as MITRE ATT&CK, NIST, ISO 27001, and CIS Controls.
Strong presentation, whiteboarding, and customer engagement skills.
Excellent technical writing skills for documentation, proposals, and SOWs.
Responsibilities:
Engage directly with prospects and clients to understand their Security Operations Center (SOC) needs, pain points, and objectives.
Develop and present customized security operations solutions, including SIEM, SOAR, EDR, log management, threat detection engineering, and SOC service offerings.
Create technical proposals, solution designs, statements of work (SOWs), and RFP responses aligned to customer requirements.
Lead technical workshops and whiteboarding sessions with prospective customers.
Map customer environments against cybersecurity frameworks (e.g., MITRE ATT&CK, NIST CSF) and recommend improvements.
Collaborate with delivery and engineering teams to ensure proposed solutions are feasible, scalable, and operationally sound.
Conduct technical assessments of current security operations environments and identify optimization opportunities.
Stay current on security technologies, SOC best practices, and threat detection methodologies.