Aujas Cybersecurity

SOC 6+ Utilize SIEM tools, primarily IBM QRadar, along with EDR solutions and antivirus software, for real-time security event monitoring and analysis.

- Perform in-depth investigations into security incidents, providing detailed technical analysis and recommendations for remediation.

- Ensure 24/7 availability to respond to security incidents according to established incident response processes and SLAs.

- Lead and manage the SOC team, providing guidance, training, and mentorship to Level 1 and Level 2 security analysts.

- Foster a collaborative and high-performing team environment, promoting knowledge sharing and professional development.

- Assign tasks, monitor team performance, and conduct performance evaluations.

- Develop, integrate, and fine-tune use cases and log sources within IBM QRadar to enhance threat detection capabilities.

- Manage and maintain the health and performance of the IBM QRadar platform.

- Create custom rules, reports, and dashboards within IBM QRadar to meet specific monitoring and

reporting requirements.

- Serve as a primary point of contact for client escalations related to security incidents and SOC operations.

- Maintain strong client relationships through effective communication, regular updates, and proactive engagement.

- Travel as needed to meet with clients to discuss security posture, incident reviews, and service delivery.

- Create and present comprehensive governance reports to clients and internal stakeholders, detailing security incidents, trends, and performance metrics.

- Lead and facilitate cyber security drills and tabletop exercises to assess and improve incident response capabilities.

- Generate actionable insights from security data to provide recommendations for enhancing the overall security posture.

- Stay updated on the latest MITRE ATT&CK framework tactics and techniques, and possess a strong understanding of the cyber kill chain methodology.

- Utilize threat intelligence feeds and platforms to proactively identify potential threats and vulnerabilities.

- Communicate effectively with clients on technical and non-technical topics, both verbally and in writing, ensuring clear and concise information sharing.

- Prepare and deliver presentations on security incidents, trends, and recommendations to client stakeholders.

- Develop and maintain clear and concise documentation for SOC processes, incident response procedures, and IBM QRadar Skills and Experience:

- 6-8 years of progressive experience in security operations, incident response, and incident management.

- Proven proficiency in using SIEM tools, with expert-level knowledge of IBM QRadar.

- Hands-on experience with EDR (Endpoint Detection and Response) solutions and antivirus software.

- Strong knowledge of network security concepts and technologies, including firewalls, proxies, DLP (Data Loss Prevention), DNS, WAF (Web Application Firewall), and other networking protocols.

- Demonstrated experience in handling client escalations and working effectively in client-facing roles.

- Good understanding of the MITRE ATT&CK framework and the cyber kill chain.

- Proven ability to create use cases and successfully integrate various log sources into IBM QRadar.

- Experience in creating comprehensive governance reports and leading cyber security drills.

- Self-motivated with the ability to work independently and as an integral part of a team.

- Excellent communication skills, both verbal and written, with the ability to articulate technical details to diverse Skills:

- Prior experience working in the banking, insurance, or finance sectors, understanding their specific security challenges and compliance requirements.

- Experience with other SIEM platforms besides IBM QRadar.

- Relevant security certifications such as CompTIA Security+, CEH, GCIH, or CISSP.

- Experience with SOAR (Security Orchestration, Automation and Response) platforms.

- Knowledge of scripting languages like Python for automation and analysis.

- Experience with threat hunting methodologies and Skills:

- Strong analytical and problem-solving skills with a systematic approach to incident investigation.

- Ability to follow established incident response procedures and workflows.

- Excellent organizational and time management Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.

- 6+ years of relevant experience in a SOC environment with a strong focus on IBM QRadar.

- Proven experience in leading incident response efforts and managing security analysts.

- Excellent understanding of security principles, threats, and vulnerabilities.

- Willingness to travel as needed to meet with clients and provide on-site support.