Job Description

Role: Cyber Defence Senior SME

Location: Milford / Dallas

About the role:

We are looking to onboard a seasoned Cyber Defence SME for our entity CISO office.

R͏oles & Responsibilities

• Design, implement, and maintain Security Information and Event Management (SIEM) solutions to facilitate security threat detection and response, across the organisation. Additionally, architect and manage Extended Detection and Response (XDR) systems to provide layered security coverage across endpoints, networks, and cloud environments. 
• Integrate log data from various sources, including cloud platforms (Azure, AWS, GCP), XDR, EDR, NDR, and IAM tools, ensuring comprehensive visibility and coverage. Leverage advanced analytics for threat hunting and proactive identification of emerging threats. 
• Troubleshoot SIEM and XDR log interruption issues, to ensure continuous visibility of security logs from various data sources, and support rapid recovery during security incidents or cyber crises. 
• Develop and fine-tune correlation rules, alerts, and dashboards to provide visibility of security threats for required detection and remediation actions. Enhance security incident response playbooks and coordinate response activities with relevant teams during high-severity incidents. 
• Lead and drive SOC investigations and incident response actions and furnish standard SOC KPI metrics. 
• Collaborate with stakeholders to understand business requirements and translate them into technical SIEM and XDR capabilities which help in improved security posture of the organisation. Participate in cyber crisis handling exercises to ensure readiness and resilience. 
• Support in regulatory/compliance audits by providing SIEM and XDR tool specific security logs and incident reports, ensuring alignment with industry standards and regulatory frameworks. 
• Work closely with threat intelligence teams to enhance SIEM and XDR with threat feeds, facilitate integration with SOAR and other security tools, and drive threat hunting initiatives to detect sophisticated attacks. 
• Lead and support security incident response and post-incident analysis, ensuring lessons learned are captured and integrated into continuous improvement processes.

͏Qualifications

• 10+ years of experience in Cybersecurity with knowledge and experience in various SIEM tools and technologies (E.g. Palo Alto Cortex, Splunk, Securonix, QRadar etc), as well as hands-on expertise with XDR platforms (such as Microsoft Defender, XDR, CrowdStrike Falcon, or similar). 
• Strong knowledge of security incident investigation and response processes, including containment, eradication, and recovery, with direct experience in managing large-scale cyber incidents and crisis scenarios. 
• Experience in threat intelligence gathering, analysis, and operationalisation, as well as leading threat hunting activities using SIEM, XDR, and EDR tools. 
• Proficiency in integrating, tuning, and optimising detection rules, playbooks, and automated workflows within SIEM, XDR, and SOAR environments. 
• Expertise in regulatory compliance requirements, audit support, and report generation for security events and incidents. 

D͏esired Qualifications

• Excellent communication and collaboration skills to work effectively with cross-functional teams and stakeholders. 
• Strong analytical and problem-solving abilities in high-pressure situations, especially during cyber crisis management. 
• Ability to adapt quickly to changing threat landscapes and prioritise tasks in dynamic environments. 

͏