The successful candidate will support the protection, monitoring, and defense of the organization's technology infrastructure and data assets. Potrebbe essere proprio lei il candidato/la candidata ideale per questo lavoro. Legga tutte le informazioni associate e invii la sua candidatura. They will operate and optimize security tools such as Trellix EDR, Splunk SIEM, Sonatype Nexus, and Tenable Nessus to detect, analyse, and respond to cyber threats.Along with these technical skills, the incumbent will exercise analytical and coordination capabilities, collaborate with IT and DevOps teams, engage with external vendors or service providers, and must be able to communicate with peers and management on cybersecurity posture, incidents, and risk mitigation progress.Duties and ResponsibilitiesMonitoring and analysing security events through Splunk SIEM, correlating data from endpoints, network, and vulnerability systems.Operating Trellix Endpoint Security and EDR to identify, contain, and remediate endpoint threats and suspicious activities.Supporting the vulnerability management process by running and reviewing Tenable Nessus scans and coordinating remediation with IT teams.Ensuring secure software management practices through Sonatype Nexus, identifying vulnerable dependencies, and supporting secure DevSecOps pipelines.Participating in incident response activities including detection, triage, containment, eradication, and recovery.Developing and maintaining Splunk detection rules, dashboards, and automated alerts aligned with the MITRE ATT&CK framework.Documenting security events, maintaining SOC playbooks, and supporting internal and external compliance audits (ISO 27001, NIST CSF, GDPR).Providing situational awareness reports and communicating risk insights to management and stakeholders.Contributing to the continuous improvement of the Security Operations Center (SOC) by proposing new use cases and optimizing detection coverage.Skills / RequirementsMandatoryThree years' experience in Cybersecurity Operations, SOC Analysis, or Incident Response roles.EDR platforms (Trellix Endpoint Security / ePO)SIEM solutions (Splunk)Vulnerability scanners (Tenable Nessus)Software component analysis tools (Sonatype Nexus)Strong understanding of threat detection, incident handling, and vulnerability management processes.Familiarity with network protocols (TCP/IP, DNS, HTTP/S, SMTP) and log analysis techniques.Knowledge of MITRE ATT&CK, NIST 800-61, and ISO 27035 security incident frameworks.Ability to manage multiple incidents or investigations in a fast-paced operational environment. xivgfpx Excellent analytical, troubleshooting, and reporting skills.DesirableProfessional certifications such as GCIA, GCIH, Splunk Certified Power User, Trellix Certified Specialist, or Tenable Certified PractitionerExperience developing detection logic, correlation searches, or automation workflows in Splunk or SOAR platformsKnowledge of scripting languages such as Python, PowerShell, or Bash for automation and data enrichmentExposure to DevSecOps practices and secure software development lifecycle (SDLC) integration using tools like Sonatype NexusFamiliarity with threat intelligence platforms (TIPs) and integration of IOCs into SIEM systemsDatabase knowledge (SQL / NoSQL) for data correlation or threat huntingStrong written and verbal communication skills, capable of documenting incidents and presenting findings to technical and non-technical audiencesAbility to work effectively in a SOC team environment or independently during critical response operationsCommitment to continuous learning and staying current with emerging cyber threats, vulnerabilities, and technologies #J-18808-Ljbffr