Support the security team in monitoring and maintaining the organization's security systems across on-premises and cloud environments.
Participate in implementing and supporting cybersecurity solutions such as Cloud-Native Application Protection Platforms (CNAPP).
Assist in handling and documenting security incidents, with a focus on cloud incident response, working closely with internal teams.
Collaborate with application, network, infrastructure, and cloud teams to investigate and respond to threats.
Communicate updates and findings clearly to relevant stakeholders during incidents, including those involving cloud resources.
Help investigate and assess security events, collaborating with vendors and internal teams across both traditional and cloud environments.
Assist with vulnerability assessments, cloud security posture management, threat detection, and analysis of cybersecurity intelligence.
Contribute to the development and maintenance of incident response playbooks and procedures for multi-cloud and hybrid environments.
Assist with the implementation, automation, and management of security tools, including SIEM, EDR, and CNAPP, for monitoring and response.
Support efforts to identify and understand potential threats, vulnerabilities, and attack methods specific to cloud infrastructure.
Leverage AI and automation to optimize SOC workflows, including investigation, triage, and reporting processes.
Stay updated on new and emerging cybersecurity threats, technologies, and automation trends, with an emphasis on cloud security.
Support the monitoring and review of vendor performance as required.
Take up other ad-hoc duties as assigned to support overall security operations.
Requirements:
Degree in IT, Computer Science, or related fields.
3-4 years of relevant experience in information security or a related field (cloud incident response is a strong advantage).
Professional security certifications (e.g. CCSP, GCIH, AWS Security Specialty) are an advantage.
Exposure to or keen interest in security tools such as SIEM, EDR, CNAPP, SOAR, or related monitoring and automation solutions.
Good understanding of networking, operating systems (Windows, UNIX), Active Directory, cloud environments (such as AWS and Azure), and cloud security concepts.
Awareness of cybersecurity threats, vulnerabilities, and basic incident response concepts, with interest or foundational experience in cloud IR and SOC automation.
Experience with scripting or automation languages (such as Python or PowerShell) to support workflow automation and integration with AI-driven tools.
Effective communication, both verbal and written, with willingness to learn and grow.
Positive attitude with initiative, eagerness to learn, and a collaborative spirit.
Ability to work independently as well as within a team environment.