Job Responsibilities:Monitor, analyze, and interpret security/system logs for events, operational irregularities, and potential incidents, and escalate issues to the appropriate teams when necessary.Oversee the detection and analysis of security events through various input tools and systems (SIEM, IDS/IPS, Firewalls, EDR, etc.).Conduct Red Team exercises to test and evaluate the effectiveness of preventive and monitoring controls in a simulated real-world attack environment, providing actionable feedback to improve defense strategies.Provide expert-level support for complex system/network exploitation and defense techniques, including deterring, identifying, investigating, and responding to system and network intrusions.Support in-depth malware analysis, focusing on both host and network-based threats, conducting log analysis, and performing triage in support of incident response activities.Maintain and enhance security technologies deployed across the organization, including customizing and fine-tuning SIEM use cases, parsing rules, and security tool configurations based on evolving threat intelligence.Monitor and assess the threat and vulnerability landscape, staying informed on new security advisories, zero-day vulnerabilities, and emerging threats, taking appropriate action to mitigate risks.Continuously monitor and triage security alerts, managing the escalation queue to ensure swift and efficient incident resolution.Monitor and fine-tune SIEM systems, improving content, parsing, and overall system maintenance to ensure accurate event correlation and detection of complex threats.Oversee security-related events in Cloud infrastructure, including IaaS, PaaS, and SaaS environments, responding to and mitigating security incidents in cloud environments.Deliver scheduled and ad-hoc reports on security posture, incident response outcomes, and security metrics, highlighting key findings, trends, and areas of improvement.Provide mentorship and guidance to L1 and L2 analysts, helping them grow their skills and knowledge of advanced threat detection, incident response, and security technologies.Develop and update Standard Operating Procedures (SOPs), incident response playbooks, and training documentation to ensure consistent, effective incident handling across all SOC tiers.Work through the full ticket lifecycle, from initial alert detection to final resolution, ensuring thorough documentation, follow-ups, and corrective actions as necessary.Generate end-of-shift reports, ensuring seamless knowledge transfer to subsequent shifts and maintaining continuity in incident management.Perform threat-intelligence research to stay up-to-date with emerging attack patterns, vulnerabilities, and threat actor tactics, techniques, and procedures (TTPs).Actively participate in security forums, contributing to the exchange of knowledge and best practices with the wider cybersecurity community.Job Specifications:Qualifications:Bachelors degree in Engineering, Computer Science, Cybersecurity, or closely related coursework in technology disciplines.Certifications such as CISSP, CEH, CISM, GCIH, GCIA, or other industry-recognized certifications are highly desirable.Extensive experience with the following tools and technologies: SIEM Tools: Splunk, IBM QRadar, SecureOnix, etc.Case Management Tools: Swimlane, Phantom, ServiceNow, etc.EDR Solutions: Crowdstrike, SentinelOne, VMware Carbon Black, McAfee, Microsoft Defender ATP, etc.Network Analysis Tools: Darktrace, FireEye, NetWitness, Panorama, etc.Cloud Security: AWS, Azure, Google Cloud Platform (GCP), and associated security monitoring tools.Experience:4+ years of SOC experience in progressively responsible roles with expertise in security monitoring, incident response, and threat detection/mitigation.Hands-on experience in conducting threat-hunting activities and vulnerability assessments.Proven ability to handle complex security incidents and effectively collaborate with cross-functional teams to mitigate cyber risks.Desired Skills:In-depth knowledge of SOC L1 and L2 responsibilities, with the ability to take the lead in complex incident investigations and escalate issues as needed.Advanced understanding of TCP/IP protocols, event log analysis, and the ability to interpret logs from various devices and systems.Strong understanding of Windows, Linux, networking concepts, and the interaction between different operating systems and networks.Experience analyzing network traffic and utilizing tools like Wireshark, tcpdump, and other packet capture and analysis utilities.Advanced understanding of security solutions like SIEMs, web proxies, EDR, Firewalls, VPNs, multi-factor authentication (MFA), encryption, IPS/IDS, etc.Functional knowledge of Cloud environments, and the specific security risks associated with IaaS, PaaS, SaaS offerings.Ability to research IT security issues and products, staying up to date with new attack vectors, cybersecurity tools, and evolving threats.Solid experience working in a TAT-based security incident resolution environment, with knowledge of ITIL and incident response best practices.Experience with scripting (e.g., Python, PERL, PowerShell) for automation, tool customization, and analysis is highly preferred.Malware analysis and reverse engineering skills are an added advantage.Personal Attributes:Highly self-motivated and proactive, with the ability to independently manage multiple tasks while maintaining attention to detail.Strong communication skills, both written and verbal, with the ability to effectively document findings, present reports, and communicate complex technical details to non-technical stakeholders.Ability to effectively prioritize tasks in a high-pressure, time-sensitive environment, with a focus on rapid, efficient incident resolution.Strong problem-solving skills, and a natural inclination to investigate and understand the root cause of security incidents.Team player, with the ability to work collaboratively with peers, other IT teams, and external partners, ensuring cohesive incident management and response.Passion for cybersecurity, with a keen interest in staying at the forefront of emerging security trends and technologies.

Key Responsibilities:Adversarial Simulations: Plan and execute red team engagements to simulate real-world adversary attacks, including network infiltration, social engineering, web application exploitation, and physical security testing.Vulnerability Assessment: Identify vulnerabilities in the organization's infrastructure, applications, and networks by conducting simulated attacks, including penetration testing and security assessments.Threat Emulation: Develop and simulate advanced persistent threats (APTs), insider threats, and other sophisticated adversary tactics, techniques, and procedures (TTPs) to evaluate defense mechanisms.Collaboration: Work closely with other cybersecurity teams, such as blue teams (defensive security) and incident response, to enhance the security posture of the organization through proactive threat identification and remediation.Security Improvement Recommendations: Provide detailed reports and recommendations after each red team engagement, ensuring that identified vulnerabilities are addressed and mitigated in a timely manner.Exploit Development: Design and develop proof-of-concept exploits to demonstrate the feasibility of identified vulnerabilities.Social Engineering: Perform social engineering assessments, including phishing campaigns, pretexting, and physical security assessments to evaluate an organizations susceptibility to human factors in security.Incident Reporting: Document findings and vulnerabilities in a clear, concise manner and present them to stakeholders, including executives, technical teams, and IT staff, in both written and verbal formats.Continuous Learning: Stay current with the latest cybersecurity threats, tools, techniques, and industry best practices to continuously improve the red team’s effectiveness.Tool Utilization and Development: Use commercial and open-source tools to conduct red team operations. Additionally, develop custom scripts or tools to facilitate specific attack scenarios.Qualifications:Education: Bachelor’s degree in Computer Science, Information Security, or related field, or equivalent work experience.Experience:3+ years of experience in offensive security, penetration testing, or red teaming.Experience with conducting and leading red team exercises, vulnerability assessments, and penetration tests.Strong understanding of security concepts, network protocols, operating systems (Linux, Windows, macOS), and web application security.Certifications:Certified Red Team Expert (CRTE)Offensive Security Certified Professional (OSCP)Certified Ethical Hacker (CEH) - PreferableGIAC Penetration Tester (GPEN) - PreferableCertified Information Systems Security Professional (CISSP) - PreferableTechnical Skills:Proficiency in programming/scripting languages such as Python, Bash, PowerShell, or others.Experience with red team tools (e.g., Cobalt Strike, Metasploit, Burp Suite, Nmap, etc.).Familiarity with attack simulation platforms, threat emulation frameworks (e.g., MITRE ATT&CK).Strong knowledge of attack methodologies and the tactics, techniques, and procedures (TTPs) of advanced persistent threats (APTs).Soft Skills:Strong analytical and problem-solving skills.Ability to communicate complex technical findings to both technical and non-technical stakeholders.Strong attention to detail and ability to work independently or as part of a team.Proactive, self-motivated, and eager to learn new security techniques and

Key Responsibilities:Talent Sourcing & Identification: Develop and implement innovative sourcing strategies to identify high-quality candidates for cybersecurity roles, including but not limited to Security Engineers, Threat Analysts, SOC Analysts, Penetration Testers, and Security Architects.Candidate Screening & Evaluation: Screen and evaluate candidates based on their technical skills, experience, and cultural fit for the organization. Conduct initial phone interviews, technical assessments, and behavioral interviews to assess suitability for open positions.Collaboration with Hiring Managers: Work closely with hiring managers to understand specific hiring needs, define job requirements, and craft effective job descriptions for cybersecurity roles. Provide expert advice on recruitment strategies and market trends.Candidate Relationship Management: Build and maintain strong relationships with passive and active candidates, providing an excellent candidate experience throughout the recruitment process. Ensure clear communication and timely feedback.Recruitment Metrics & Reporting: Track key recruitment metrics such as time-to-fill, candidate quality, and hiring manager satisfaction. Provide regular updates to leadership on recruitment progress and pipeline health.Onboarding Support: Coordinate with HR and hiring managers to ensure a smooth onboarding process for new hires, ensuring that all necessary paperwork and technical requirements are completed in a timely manner.Continuous Improvement: Continuously refine the recruitment process by identifying areas for improvement, experimenting with new sourcing techniques, and adopting best practices to enhance the overall hiring experience. Qualifications:Experience:Minimum of 3 years of technical recruiting experience, preferably within the cybersecurity or IT sector.Proven track record of recruiting for a variety of technical roles, including but not limited to Security Analysts, Engineers, SOC Analysts, and Penetration Testers.Skills & Expertise:Strong understanding of the cybersecurity landscape and the technical skills required for different roles within the industry.Familiarity with cybersecurity tools, certifications (e.g., CISSP, CISM, CEH, CompTIA Security+), and frameworks.Expertise in using recruitment platforms such as LinkedIn Recruiter, job boards, and applicant tracking systems (ATS).Ability to conduct technical interviews or collaborate with technical team members for effective assessments.Soft Skills:Excellent communication and interpersonal skills, with the ability to build relationships with candidates, hiring managers, and senior leadership.Strong negotiation skills and the ability to present compelling offers to high-caliber candidates.Attention to detail and the ability to manage multiple priorities and recruitment campaigns simultaneously.Education:A bachelors degree in Human Resources, Business Administration, Information Technology, or a related field is preferred.