Job Description

Sr. SOC Engineer - Incident Response

16-05-2026 02:41:51

Job_304168

5 - 8 years

  • Chennai, Tamil Nadu, India (CHN)

Senior SOC & Incident Response Specialist (5+ Years) - Core Scope:

  • Tier 3 Response: Lead analysis of escalated L1 alerts and handle high-priority incidents.
  • Deep Forensics: Perform log, malware, and network traffic analysis (PCAP/EDR).
  • Threat Hunting: Conduct proactive hunts to identify hidden IOCs and TTPs.
  • Remediation: Coordinate with IT teams for containment and system recovery.
  • Optimization: Develop/update IR Playbooks, SOPs, and automation (SOAR) workflows.
  • Leadership: Mentor L1 analysts and lead Post-Incident Reviews, including root cause analysis (RCA).
  • Intel & Compliance: Integrate threat intel and ensure all actions meet regulatory/policy standards.
  • Operations: Manage shift handovers, attend daily syncs, and escalate critical risks.


Technical Skills:

  • Tools: Advanced SIEM (Splunk/Sentinel), EDR (CrowdStrike/Defender), and Forensics (FTK/Volatility).
  • Analysis: Static/Dynamic malware analysis and root cause investigation.
  • Scripting: Automation via Python, PowerShell, or Bash.
  • Frameworks: Mastery of the NIST incident response lifecycle (SP 800-61) and MITRE ATT&CK.


Acceptance Criteria:

  • Work Mode: 100% Work from Office (WFO).
  • Schedule: Rotational shifts and rotational weekly offs.
  • SLA: Strict adherence to response and resolution timelines.
  • Experience: Minimum 5 years in dedicated SOC/IR roles.