about 4 hours ago
Kansas City, MO, USA or Scottsdale, AZ, USA
Senior
Responsibilities
- Handle complex incident response and escalation for high-severity incidents.
- Assess and improve telemetry and logging coverage in customer environments.
- Ensure the quality of SIEM and detection capabilities.
- Contribute to the quality of response automation and playbooks.
- Support technical needs across the organization as a knowledgeable resource.
- Improve SOC tooling and operational workflows for analysts.
Requirements
- 5+ years in security operations, incident response, or detection engineering.
- Strong fluency in logging and telemetry evaluation.
- Hands-on experience with SIEM platforms like Google Chronicle, Microsoft Sentinel, or Splunk.
- Solid understanding of response automation and SOAR playbook structure.
- Working knowledge of cloud security architecture in AWS, Azure, or GCP.
- Scripting proficiency in Python or PowerShell.
