IntermediateSecOpsEngineer

## Accountabilities Develop, maintain, and improve security monitoring systems, including SIEM rules, alerts, dashboards, and detection workflows across infrastructure, cloud, and identity systems. Participate in incident response activities including triage, investigation, containment, remediation, and post-incident reviews to ensure continuous improvement. Proactively conduct threat hunting and security investigations to identify anomalous behavior and emerging risks within systems and services. Operate and enhance security tooling such as SIEM platforms, log aggregation systems, vulnerability management tools, and alerting pipelines. Create and maintain incident response playbooks, operational runbooks, and security documentation to standardize response procedures across teams. Collaborate with infrastructure and engineering teams to identify vulnerabilities and implement security hardening across Linux, cloud, container, and network environments. Contribute to disaster recovery planning, resilience testing, and on-call security support as part of operational readiness. Requirements: 3–5+ years of experience in SecOps, incident response, infrastructure security, or related operational security roles. Hands-on experience with security monitoring, alert triage, incident investigation, and response workflows in production environments. Strong understanding of Linux systems, networking fundamentals, IAM, and common attack techniques. Experience working with SIEM tools, log aggregation platforms, and detection engineering processes. Familiarity with cloud environments (AWS, Azure, or GCP) and containerized systems such as Docker and Kubernetes (or OpenShift/OKD). Ability to write and maintain runbooks, detection rules, and incident response documentation. Working knowledge of security frameworks such as MITRE ATT&CK or CIS Controls. Strong analytical and problem-solving skills with the ability to perform under pressure during security incidents. Excellent communicatio