Expert IT Cyber Defense Analyst (Rotational shifts 24/7)

Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or equivalent practical experience. 5–8+ years of experience in SOC operations, cyber defense, threat hunting, or incident response roles. Strong hands-on expertise with SIEM (Splunk, Sentinel), EDR (CrowdStrike, Microsoft Defender), IDS/IPS, Firewalls, and cloud security monitoring (Azure/AWS). Deep knowledge of Windows, Linux, and cloud audit logs, authentication flows, and security telemetry. Proven experience investigating high-severity incidents, malware behavior, lateral movement, privilege misuse, and network-based threats. Strong understanding of MITRE ATT&CK, cyber kill chain, threat intelligence lifecycle, and adversary detection techniques. Experience writing detection rules, triage workflows, and automated SOAR playbooks. Strong analytical, investigative, and communication skills.

Perform continuous monitoring of network, endpoint, identity, cloud, and application telemetry. Identify sophisticated threats by correlating multi-source telemetry and detecting anomalies. Enhance SIEM and EDR detection logic by creating and tuning correlation rules. Lead high-severity incidents and complex investigations. Conduct in-depth forensic analysis of endpoints, logs, and network flows. Collaborate with the Incident Response (IR) team to drive containment, eradication, and recovery. Perform proactive threat hunting aligned with the latest threat intelligence. Serve as a subject matter expert for Tier 1 and Tier 2 analysts. Review and audit alerts handled by junior analysts. Contribute to SOC capability uplift through training and knowledge sharing. Develop, refine, and maintain SOPs and incident response playbooks. Assess business impact of ongoing or emerging threats and prioritize response efforts. Communicate technical findings, risks, and remediation recommendations to stakeholders. Collaborate with Cloud, Infrastructure, Application, and Threat Intelligence teams.