Ad code: KP2199353113


blubank
Tehran
On the Iran Estekhdam website (Tuesday, 12 Shahrivar 1404)
Job details:
Employment type: Full time
Required degree: Bachelor's
Experience required: at least 5 years
Working hours: Full time
Full ad text:
At blubank, we are seeking talented, dynamic, and enthusiastic individuals as a SOC Tech Lead (Blue Team) to join our friendly and professional team. If you’re looking for a workplace where you can grow and continuously learn, this opportunity is for you!
Responsibilities:
Lead the SOC team in monitoring, detecting, analyzing, and responding to cyber threats across cloud and on-prem environments.
Design and maintain detection content (e.g., correlation rules, use cases) in SIEM/SOAR platforms (e.g., Splunk, ELK).
Coordinate triage and containment of security incidents, ensuring rapid, structured response and root cause analysis.
Continuously refine playbooks and escalation workflows for both automated and analyst-driven response.
Oversee threat intelligence integration (e.g., MISP, commercial feeds) and contextualize IOCs for proactive detection.
Collaborate with Red Team to validate alert logic and close detection gaps (e.g., missed lateral movement or C2).
Drive log onboarding and telemetry coverage expansion across endpoints, cloud services, identity, and network layers.
Mentor SOC analysts, conduct technical deep-dives, and lead tabletop exercises and blue team drills.
Present incident reports, KPIs, and security posture updates to stakeholders, including executive summaries.
Track emerging threats and evolve SOC capabilities in line with evolving TTPs and MITRE ATT&CK mappings.
Qualifications:
Bachelor’s degree in Computer Science, Cybersecurity, or a related field
5+ years of experience in information security
Familiarity with the Cyber Kill Chain and the MITRE ATT&CK framework
Proficiency in one of the leading SIEM platforms
Excellent knowledge of attacks against operating systems such as Windows and Linux
Familiarity with forensic and threat hunting processes and tools
Experience analyzing security logs and alerts, such as those from firewalls, EDR, WAF, …
Familiarity with web and network attacks
Report writing and presentation creation skills relevant to a SOC environment
Nice to have: scripting languages such as Python
Nice to have: knowledge of advanced APT techniques
Benefits:
Work from home option
Flexible working hours
Training courses and professional development opportunities
Military service project (Limited)
Supplemental health insurance
Team-building budget
Performance-based bonuses
Loans
Lunch subsidies

Friday, 10 Aban 1404, 12:44