Pay Range: $ 65 - $ 70

Key Responsibilities:

• Lead and collaborate with development teams to architect and implement scalable, secure SIEM and SOAR solutions in cloud environments (AWS or Azure).

• Drive AWS-focused detection engineering efforts using services like GuardDuty, CloudTrail, CloudWatch, SecurityHub, and KMS, and apply CSPM, DSPM, SSPM, and CIEM practices.

• Support the full lifecycle of detection solutions: from architecture and integration with data sources to development, testing, and deployment of custom threat detection logic.

• Conduct in-depth security incident analysis, improve incident response procedures, and ensure alignment with security standards, compliance frameworks, and internal policies.

• Continuously research and evaluate new threat detection tools, emerging security trends, and cloud-native security technologies to enhance platform defense.

• Collaborate with cross-functional teams to ensure clear objectives, continuous feedback, and alignment between security engineering and business goals.

Must-Have Qualifications:

• 3+ years of hands-on experience in SIEM and Security Operations using tools like Splunk ES, Palo Alto Cortex, MS Sentinel, CrowdStrike, or Chronicle.

• Strong cloud security experience with AWS (or Azure), including CSPM, detection controls, and security service integrations.

• Proficiency in programming (Python, C++ preferred) for automation and custom detection logic development.

• Experience with threat detection and response-based security controls in cloud environments (AWS, GCP, Azure).

• Working knowledge of security compliance frameworks such as CIS, NIST, or custom policies.

Nice-to-Have Qualifications:

• Certifications in Splunk or relevant cloud/security technologies.

• Experience with DPM, SSPM, or CIEM solutions.

• Strong communication and collaboration skills across technical and non-technical teams.

• Previous experience working in regulated or enterprise-scale environments, especially in finance or critical infrastructure sectors.