SECOPS Specialist

About the Role

We are seeking a SecOps Specialist to strengthen MEDFAR’s global security posture. In this role, you will manage our Microsoft Sentinel SIEM, contribute to cyber intelligence, and lead forensic investigations. You will play a critical part in safeguarding our systems, ensuring compliance, and responding effectively to evolving threats.

Key Responsibilities

SIEM Administration & Development

• Manage administration, configuration, and lifecycle management of Microsoft Sentinel.
• Develop and optimize content such as reports, dashboards, KQL rules, filters, and metrics.
• Implement standard procedures for operations, backup, disaster recovery, and patch/version management.
• Collaborate with SOC Manager and Analysts to improve analytics performance.

Cyber Intelligence

• Monitor threat intelligence feeds and maintain relationships with industry peers and law enforcement.
• Proactively research emerging threats, vulnerabilities, and risks.
• Develop actionable intelligence and share findings with SOC teams.
• Collaborate with security officers and content engineers to enhance detection patterns.
• Participate in on-call rotation (1 week every month)

Forensics & Investigations

• Lead forensic analysis for incidents, malware, and attack vectors.
• Collect, preserve, and analyze digital evidence with full chain of custody.
• Conduct root cause analysis, lessons learned, and reporting.
• Use forensic tools to recover and examine data, including compromised systems.
• Reverse engineer and analyze binaries, malware, and attack artifacts.
• Prepare technical reports and support legal and compliance processes as needed.
• Stay up to date with emerging methodologies, tools, and best practices.

Required Skill Set:

• Strong understanding of networking, operating systems (Windows, Linux, macOS), and cloud environments (AWS, Azure, GCP).
• Experience with SIEM tools (e.g., Splunk, ELK, QRadar, Sentinel).
• Knowledge of endpoint protection and monitoring tools (e.g., CrowdStrike, Carbon Black).
• Familiarity with firewalls, IDS/IPS, WAFs, and log analysis.
• Scripting skills (Python, PowerShell, Bash) for automation of tasks.
• Understanding of MITRE ATT&CK, cyber kill chain, threat intelligence feeds.
• Strong knowledge of incident response processes and forensic techniques.
• Excellent analytical, problem-solving, and communication skills.
• Experience with cloud security tools (Prisma, GuardDuty, Security Hub).
• Familiarity with compliance standards (PCI DSS, HIPAA, SOC 2).
• Knowledge of DevSecOps practices, CI/CD pipeline security, and automation
• Bachelor’s degree in Computer Science, Cybersecurity, Information Systems, or related disciplineCertifications (a plus):
• Any of CompTIA Security+, CySA+, CEH, CISSP, CISM, OSCP, GIAC (GCIH, GCIA, GCFA)

• Mid Shift
• Salary Best in the Industry
• Allowances
• Insurance Benefits