Responsibilities:
* Lead Tier-3 security incident investigations and escalations within the SOC
* Perform incident response activities including detection, analysis, containment, and recovery
* Conduct proactive threat hunting and investigate suspicious activities using SIEM and XDR platforms
* Develop and maintain Splunk correlation rules, dashboards, and security alerts
* Monitor and secure cloud environments across AWS, Azure, GCP, and OCI
* Perform root cause analysis and provide remediation recommendations
* Collaborate with internal teams and stakeholders to resolve complex security incidents
Requirements:
* Strong in SIEM: Splunk, Elastic Stack
* Proficient in Cloud Security: AWS, Azure, GCP, OCI
* Knowledge of Endpoint & XDR platforms (CrowdStrike, Carbon Black, Red Canary) and security platforms (CyberArk, Zscaler)