Cyber Security Specialist

About the role

We are looking for an experienced Cyber Security Specialist to manage, maintain, and enhance our Google Chronicle SIEM and SOAR platforms. You will work closely with the SOC team to ensure continuous security monitoring, detection, and automated response across our environment.

Key responsibilities

• Deploy, configure, and manage Google Chronicle SIEM components, including data ingestion pipelines, UDM parsers, detection rules, and retention settings.
• Integrate log sources from GCP, AWS, Azure, network devices, applications, and security tools.
• Develop and fine‑tune YARA‑L detection rules mapped to MITRE ATT&CK techniques.
• Design and maintain automated playbooks in Google SOAR (Siemplify) for incident enrichment and response.
• Collaborate with SOC analysts to investigate alerts, perform event correlation, and support incident triage.
• Leverage REST APIs, BigQuery, and scripting to extend Chronicle functionality and integrate with ServiceNow, VirusTotal, CrowdStrike, Proofpoint, Zscaler, etc.
• Monitor ingestion volumes, storage utilization, and system health to ensure optimal performance.
• Create dashboards and management reports to provide visibility into detections and SOC KPIs.
• Ensure compliance with ISO 27001, NIST CSF, RBI, GDPR and related governance frameworks.
• Troubleshoot ingestion delays, parser mismatches, detection errors, and coordinate platform upgrades.

Required profile

• 8+ years of experience in Security Operations, with at least 2 years hands‑on with Google Chronicle or Google SecOps platforms.
• Bachelor’s or Master’s degree in Computer Science, Information Security, or a related field.
• Proven experience in SOC environments, detection engineering, and security automation.
• Strong understanding of compliance frameworks such as ISO 27001, NIST, RBI, and GDPR.

Required skills

• Google Chronicle SIEM
• Google SOAR (Siemplify)
• YARA‑L rule development
• MITRE ATT&CK mapping
• REST APIs
• BigQuery
• ServiceNow integration
• VirusTotal, CrowdStrike, Proofpoint, Zscaler
• Cloud platforms: GCP, AWS, Azure