Day-to-Day Responsibilities 

• Provide technical leadership in cloud security and detection engineering.

• Develop and enhance detection logic in SIEM/SOAR tools (esp. in AWS environments).

• Use AWS tools (e.g., GuardDuty, CloudWatch, CloudTrail, KMS, SecurityHub) to monitor and defend cloud workloads.

• Design scalable, resilient SIEM/SOAR architectures.

• Code, test, and deploy custom security applications and detection rules.

• Integrate with data sources and threat intelligence feeds.

• Lead incident detection, analysis, and response improvement efforts.

• Ensure alignment with compliance, regulations, and internal security policies.

• Participate in audits, assessments, and penetration testing.

• Continuously research threats and evaluate new detection technologies.

Required Skills 

• SIEM Tools: 3+ years with Splunk (certified preferred), MS Sentinel, Chronicle, Cortex XDR, Crowdstrike, Anvilogic.

• Cloud Security: AWS, Azure, GCP; deep experience with cloud-based detection & response.

• AWS Tools: GuardDuty, CloudWatch, CloudTrail, KMS, SecurityHub, etc.

• Posture Management: CSPM (must), familiarity with SSPM, CIEM, DPM.

• Programming: Python (required), C++ (nice to have).

• Detection Engineering & Threat Modeling: Best practices knowledge.

• IaC Tools: Terraform, CloudFormation, CDK.

• Version Control & Methodologies: Git, Agile experience.

• Soft Skills: Strong leadership, communication, analytical thinking.
  
  
  PayRate Range: $65/HR- $70/HR