Sr Cyber Defense Analyst

Tasks

• Classify document and track alerts in ticketing systems
• Collect evidence and perform forensic analysis
• Conduct investigations across identity endpoint cloud and email logs
• Contribute to AI prompt and agent workflow design
• Design implement and tune detection rules
• Evaluate integrate and optimize AI and automation capabilities
• Execute incident response runbooks
• Improve log ingestion data quality and tool integrations
• Maintain detection coverage mapped to MITRE ATTACK
• Maintain operational notes and shift handoff documentation
• Monitor security alerts across SIEM EDR CSPM
• Participate in incident response engagements
• Participate in on-call rotation
• Participate in tabletop exercises purple team activities and post incident reviews
• Produce incident summaries and post incident reports
• Reduce false positives and close detection gaps
• Refine IR runbooks playbooks and standard operating procedures
• Track and report operational metrics MTTD MTTR MTTC false positive rate
• Translate threat intelligence into detection content
• Triage and investigate security events
• Use AI tools for alert triage enrichment and investigation
• Validate detection logic via threat hunting

Perks/Benefits

• N/A

Skills/Tech-stack

Alert triage | Audit trails | CSPM | Case management | Cloud Audit Trails | Cloud audit | Detection engineering | EDR | Flow data | Forensics | Identity Provider | Identity Provider Logs | Incident Response | LLM | Log Analysis | Machine Learning | Mitre Attack | Network Flow Data | Network flow | SIEM | Threat Intelligence | Ticketing