Key Responsibilities:

• Develop, customize, and maintain security monitoring content for SIEM and SOAR platforms (e.g., custom rules, alerts, correlation searches, dashboards).
• Build automation playbooks for incident response using SOAR platforms to reduce response time and analyst workload.
• Integrate new data sources into SIEM tools and ensure parsing, normalization, and enrichment.
• Create and maintain scripts and tools to support threat detection, investigation, and reporting.
• Work with SOC Analysts and Threat Hunters to develop new detection use cases and improve existing ones.
• Participate in the threat lifecycle, assisting in the development of detection logic based on threat intel and attack techniques (e.g., MITRE AT&CK).
• Collaborate with infrastructure and application teams to ensure proper logging and telemetry.
• Maintain documentation of code, detection logic, use case coverage, and automa...