- Lead the architecture, deployment, and operationalization of the Google SecOps platform for multiple clients, ensuring optimal performance and scalability.
- Configure and manage the ingestion of diverse security logs from a wide range of sources (e.g., cloud platforms, network devices, applications, identity systems) into Google SecOps.
- Design and implement robust Endpoint Detection and Response (EDR) solutions across various client infrastructures.
- Develop and maintain secure, reliable, and automated data pipelines to effectively feed EDR telemetry and alerts into Google SecOps for centralized monitoring and analysis.
- Create, tune, and optimize detection rules and playbooks within Google SecOps to reduce false positives and enhance the efficacy of threat hunting and incident response.
- Serve as a subject matter expert for all Google security products, including SecOps and related cloud security services, providing technical guidance to junior engineers and clients.
- Perform regular security posture assessments for clients, identifying gaps in logging and EDR coverage, and recommending strategic improvements to security controls.
- Develop comprehensive documentation for all deployments, configurations, runbooks, and standard operating procedures to ensure repeatable and high-quality service delivery across all clients.
Education
Minimum Qualifications:
Graduate of a bachelor's degree program in computer science, computer engineering, information technology, management information systems, or a related field. An advanced degree is considered an advantage.
Experience
Minimum of five (5) years of experience in cybersecurity projects.
Experience in handling SIEM and SOAR products. Experience with Chronicle SIEM and SOAR and/or Google SecOps is considered an advantage.