Required Experience & Qualifications:

10+ years of information security experience

Advanced knowledge of Security Operations Center (SOC) operations, incident response,

and security monitoring practices.

Prioritise and escalate any issues that could put business objectives, results, or

processes at risk.

In-depth knowledge and experience with current cyber threats and landscape to

enterprise environments

Ability to architect and drive implementation of large-scale cross-company initiatives

Previous experience with the following tools is required: Splunk, EDR Solutions,

Atlassian, ServiceNow, GitHub, Okta, and Microsoft Security products

Familiarity with incident response frameworks and methodologies, such as the NIST

Incident Response Framework or the SANS Incident Response Process, to guide efficient

and effective incident handling.

Desired Qualifications

Experience with incident response in cloud platforms [AWS, GCP, etc]

Practical scripting language knowledge [Python, PowerShell, bash, etc.]

Incident Response specific or other relevant certifications [ex. GCFA, GCIH, GNFA,

GREM, etc.]

Excellent verbal, written, and interpersonal communication skills

Principal Engineer-Cyber Defense (SOC+ Threat+ IR)