Role Responsibilities
Responsible for the planning, design, and build of SIEM detections, automation, and SOC workflow enrichments. Requires a strong understanding of the current threat landscape, data ingest, and telemetry requirements.
- Experience with SIEM platforms such as Splunk, Azure Sentinel, Qradar, Exabeam, etc.
- Python scripting
- MITRE Caldera and ATT&CK
- Atomic Red Team
- SOAR automation and enrichment
- Strong work ethic and positive can-do attitude
- Bias for action and task execution
- Willingness to grow skillset
This role requires UK national security clearance.
Additional Responsibilities
Authoring, tuning, and deploying SIEM detections, threat hunting, and automation via Python scripting and SOAR tools.
May participate in an incident management team, responding to security events in line with Oracle incident response playbooks. Investigates purported intrusions and breaches, oversees root cause analysis, and coordinates incidents with other business units. May act as incident commander for serious incidents. Develops new methods and playbooks throughout Oracle.
Evaluates existing and proposed technical architectures for security risk, provides technical advice for designing and developing secure architectures, and recommends security controls to mitigate risks. This includes design assessments, risk assessments, and threat modeling.
Brings advanced skills to research, evaluate, track, and manage security threats and vulnerabilities, especially in ambiguous situations requiring in-depth analysis and scripting knowledge.
Works with senior management to develop and implement a multi-year security roadmap. Focuses on operational and strategic tasks, providing guidance to junior security operations engineers.