Responsibilities:
- Triaging anomalies and incidents from our SIEM and escalating them through the appropriate chains.
- Implementing automated playbooks for routine response actions.
- Refining SIEM detection rules to reduce false positives and improve reliability.
- Implementing cloud security controls based on industry best practices.
Requirements:
- Experience with, or exposure to, anomaly analysis and incident response.
- Exposure to multiple SIEMs; bonus points for exposure to Google SecOps.
- Exposure to cloud technologies and cloud security controls; bonus points for Google Cloud and AWS.
- Exposure to Security Command Center within GCP, or a comparable cloud security monitoring platform.