The Role
We are seeking an experienced Senior Cyber Security Operations Center Specialist to join our growing Security Operations Center (SOC) and help strengthen SoFi's cybersecurity posture. This position will report to the Director of the Security Operations Center and will collaborate closely with the Product Security, Tools Automation and Operations, and Engineering teams.
The Security Operations Center (SOC) team is responsible for detecting, analyzing, and responding to threats against SoFi's infrastructure and assets. As a Senior Cyber Security Operations Center Specialist, you will lead incident handling efforts, perform advanced threat hunting, and conduct offensive security operations to proactively identify vulnerabilities and strengthen our defensive capabilities by simulating real-world attack scenarios.
In this role you will be at the forefront of SoFi's security operations, protecting our organization by investigating, containing, remediating, and documenting security incidents while continuously improving our detection and response capabilities through both defensive measures and offensive security testing.
What you'll do:
- Lead security incident investigations, including the triage, containment, eradication, and recovery phases
- Conduct proactive threat hunting to identify potential security gaps and adversary activity
- Perform blue team defensive operations while leveraging red team offensive security knowledge to anticipate attack vectors
- Plan and execute red team operations to test security controls and identify vulnerabilities
- Develop and enhance detection rules and correlation logic to identify sophisticated threats
- Execute Digital Forensics and Incident Response (DFIR) activities during security incidents
- Create and maintain incident response playbooks and procedures
- Participate in the on-call rotation for critical security incidents
- Mentor junior analysts and contribute to the team's professional development
- Collaborate with cross-functional teams to improve security posture and response capabilities
What you'll need:
- 5 years of experience in cybersecurity with a focus on SOC operations and incident response
- Experience with cloud security monitoring and incident response in AWS, Azure, or GCP environments
- Strong background in threat hunting methodologies and techniques
- Expertise in DFIR processes, tools, and techniques (e.g. digital forensics, eDiscovery, internal investigations)
- Experience leading incident response activities and coordinating cross-functional response teams
- Proficiency with SIEM platforms, EDR solutions, and security orchestration tools
- Strong background in data collection and log analysis techniques
- Knowledge of common attack frameworks (MITRE ATT&CK) and threat intelligence sources
- Strong communication skills and the ability to explain technical concepts to various audiences
- Excellent analytical and problem-solving skills with attention to detail
Nice to have:
- Demonstrated experience in both blue team (defensive) and red team (offensive) security operations
- Experience planning and executing offensive security operations and adversary emulation
- Participation in security competitions, CTFs, or bug bounty programs
- Familiarity with containerization technologies (Docker, Kubernetes) and their security implications
- Relevant certifications (e.g. SANS GIAC, CISSP, OSCP)
Required Experience:
Senior IC