Job Description

Roles & Responsibilities

Security Monitoring & Incident Response

• Security incident investigations and provide technical support.

• Perform real-time monitoring of SIEM, XDR, NDR, OT and cloud security platforms.

• Perform root cause analysis (RCA) and document lessons learned.

• Coordinate containment, eradication, and recovery actions.

• Ensure adherence to defined SLAs and KPIs for incident handling.

Detection Engineering & Use Case Management

• Develop and tune SIEM/XDR correlation rules aligned with MITRE ATT&CK.

• Reduce false positives and improve detection coverage.

• Implement advanced use cases for insider threats, data exfiltration, ransomware, and APT activities.

• Conduct log source onboarding, parser development, and normalization.

• Periodically review and optimize alert thresholds and detection logic.

Vulnerability Management

• Lead end-to-end vulnerability management lifecycle (discovery, assessment, prioritization, remediation validation).

• Correlate vulnerability data with threat intelligence and exploitability context.

• Conduct risk-based vulnerability prioritization using CVSS, business impact, and asset criticality.

• Validate remediation effectiveness through rescans and penetration testing support.

• Prepare executive dashboards highlighting risk exposure and remediation trends.

Threat Hunting & Threat Intelligence Integration

• Perform proactive threat hunting using hypothesis-driven methodologies.

• Integrate threat intelligence feeds into SIEM/XDR platforms.

• Track emerging TTPs and adjust detection strategies accordingly.

• Conduct adversary simulation validation exercises.

• Share actionable intelligence with internal stakeholders

Reporting & Stakeholder Management

• Critical/High vulnerability tracking

• Vulnerability aging & SLA breach reporting

• Remediation status (open vs. closed tracking)

• Monthly trend & risk analysis reporting

• Exploitable / high-risk vulnerability reporting

• Internet-facing & asset coverage reporting

• Patch compliance & validation reporting

• Exception / risk acceptance reporting

• Audit & compliance evidence reporting

Qualification-

• 8+ of experience in IT Security Systems and Information Security.

Education:

• Bachelor’s degree in Cybersecurity, Information Security, Computer science or related field.

Certification: any one Mandatory

Tenable Certified Nessus Professional (TCNP)

Tenable Certified Security Center (TCSC)

Qualys Certified Specialist – Vulnerability Management (VMDR)

Qualys Certified Specialist – Web Application Scanning (WAS)

Preferred:

CEH (Certified Ethical Hacker)

Microsoft Certified: Security Operations Analyst (SC-200)

OSCP (Offensive Security Certified Professional)

Skillset:

• Hands-on expertise in SIEM, XDR/EDR, NDR, SOAR, vulnerability management, and cloud security monitoring.

• Strong understanding of MITRE ATT&CK, threat hunting, malware analysis, and log correlation.

• Proven experience managing the full vulnerability management lifecycle with risk-based prioritization.

• Ability to translate technical findings into business risk and support risk assessments, control gap analysis, and risk treatment planning.

• Experience in SOC build, use case tuning, automation, and continuous SOC maturity improvement.

• Strong knowledge of security frameworks and regulatory requirements (e.g., ISO 27001, NIST CSF).

• Excellent analytical, communication, reporting, and stakeholder management skills.

• Vulnerability Management

• Tenable, Qualys, Rapid7, Acunetix, Burp Suite Scanner

• SIEM Management (log analysis, correlation rules, dashboards)

• Alert Triage & Incident Handling

• Threat Detection & Analysis

• EDR/XDR Monitoring & Investigation

• Network Traffic Analysis (NDR, Firewall, IDS/IPS)

• Malware Analysis (Basic static/dynamic analysis)

• Basic Scripting (PowerShell / Python / KQL / SPL)

• Cloud Security Monitoring (Azure/AWS/GCP)

• Report Writing & Incident Documentation

Desired Candidate Profile

.