Specialist, Cyber Security Control & Defense

Scotiabank, Toronto, ON
Onsite

About The Position

The Specialist of Cybersecurity Alerting Configuration is responsible for implementing, maintaining, and optimizing security alerts across enterprise security platforms. This role focuses on ensuring alerts are accurate, actionable, and aligned with organizational security objectives to enable timely detection and response to cyber threats.

Requirements

  • Bachelor’s degree in Cybersecurity, Computer Science, or related field (or equivalent experience).
  • 3-5 years in cybersecurity operations, detection engineering, or threat response.
  • Hands-on experience with SIEM and EDR platforms.
  • Proficiency with SIEM tools (e.g., Splunk, QRadar, Azure Sentinel).
  • Familiarity with scripting (Python, PowerShell) for automation.
  • Understanding of MITRE ATT&CK and threat detection methodologies.
  • Security+ or equivalent required.

Nice To Haves

  • GIAC (GCIA, GCED) or similar preferred.

Responsibilities

  • Configure and maintain alerts in SIEM integrating with security tooling related to EDR, NDR, and cloud security platforms.
  • Develop detection logic for emerging threats using threat intelligence and MITRE ATT&CK mapping.
  • Continuously tune alerts to reduce false positives and improve detection fidelity.
  • Validate alert performance through testing and simulation of attack scenarios.
  • Collaborate with SOC and Incident Response teams to validate alert effectiveness and improve workflows.
  • Investigate alert performance and recommend improvements to detection coverage.
  • Document alert configurations and maintain version control for audit and compliance.
  • Provide Tier 3 support for escalated alerting issues and assist in root cause analysis.
  • Incorporate threat intelligence feeds into alerting logic to detect emerging threats.
  • Map alerts to MITRE ATT&CK techniques for better coverage and reporting.
  • Ensure alert configurations meet regulatory and internal security standards.
  • Participate in audits and provide evidence of alerting controls.
  • Support automation initiatives for alert triage and enrichment using SOAR platforms.
  • Research and implement advanced detection techniques, including behavioral analytics and anomaly detection.
  • Conduct testing of new alert configurations using simulated attack scenarios.
  • Validate detection logic against real-world threat behaviors.
  • Track and report on alert performance metrics such as false positive rates, detection coverage, and response times.
  • Provide recommendations for continuous improvement based on data-driven insights.

Benefits

  • Upskilling through online courses, cross-functional development opportunities, and tuition assistance.
  • Competitive Rewards program including bonus, flexible vacation, personal and sick days, and benefits that start on day one.