Skip to content

Security Lead

Job Description:
Experience with the following scripting tools: Python, Json, Powershell and Bash.


  • – Collaborate with the Sales team to discuss customer requirements and success criteria to deliver.
  • – Install, configure, and deploy endpoint agents, network sensors, and other components of the XDR solution.
  • – Integrate XDR with customer SaaS applications, APIs and leverage XDR to deliver customer requirements.
  • – Analyse security alerts and build investigations.
  • – Manage the team and assign respective tasks and lead the incident investigation in case of critical incidents.
  • – Single point of contact for customers during the PoC deployment and testing process.
  • – Maintain documentation related to the deployment and configuration of XDR.
  • – Have regular calls with the customer to initiate the PoC, provide regular updates and a conclusion call.
  • – Collaborate with Product Engineering on new capabilities and configuration options.
  • – Analyze and identify areas of improvement with management and related operations processes, procedures, and documentation.
  • – Understand the current Cybersecurity Platform application infrastructure.
  • – Continuously learn and stay up-to-date on the latest technologies, tools, and methodologies related to XDR and endpoint/network security.

  • – Excellent communication skills and proficiency in English.
  • – Solid presentation skills.
  • – Hands-on admin experience with automation integrations with for example ITSM’s such as ServiceNow and Zendesk; Pagerduty; Atlassian products and others.
  • – Effective troubleshooting mindset and problem-solving skills to resolve system, script and functional errors.
  • – Hands-on experience with EDR and/or AI based Next Generation AV solutions (EPP).
  • – Experience with leveraging threat intelligence.
  • – Security event and alert analysis.
  • – Incident investigations and response.
  • – Running custom search queries and creating suppression rules.
  • – Threat Hunting.
  • – Experience with commonly used cloud services (VPC, EC2, S3, Azure Compute and Firewall).
  • – SaaS API integrations (Crowdstrike, SentinelOne, Office 365, OKTA).
  • – Log integrations (VPC flow logs, Azure Eventhub).
  • – Containers and Serverless Computing.
  • – Setting up SOAR integrations with 3rd party platforms (e.g. PagerDuty, ServiceNow, Microsoft Teams).
  • – Endpoint Agent deployment.
  • – Firewalls integrations (Palo Alto, ASA, Check Point, Sophos XG, etc).
  • – Configuring log forwarding for other common security controls (e.g. IDS, AD, Proxies, etc.).
  • – Administration of Windows, Linux and Mac.
  • – TCP/IP networking and routing.
  • – Understanding of cyber security attacks, threat actor behavior and objectives and penetration testing tools.
  • – Experience with configuring and maintaining cloud-native applications.
  • – Experience with Microsoft O365 management.
  • – Knowledge of enterprise logging for OS, applications & various security technologies.

Apply for this position

Allowed Type(s): .pdf, .doc, .docx