Description : Stay secure and compliant by making cybersecurity simple, affordable, and effective. We provide managed security services such as MXDR, attack surface management, breach and attack simulation, and security advisory services. Our AI-powered Nopal360 platform, NopalGo mobile app, and Cyber Intelligence Quotient (CIQ) help customers measure, monitor, and understand their security posture in real time. Our solutions are designed to fit different business needs and budgets, making enterprise-level cybersecurity available to organizations of all sizes.

Key Responsibilities :

- Create and maintain security detection rules to identify cyber threats across different systems and platforms.

- Design, build, and deploy accurate threat detection solutions across on-premise systems, cloud platforms (AWS, Azure, GCP), and SaaS tools.

- Work closely with security analysts, threat hunters, and threat intelligence teams to identify new and emerging threats.

- Review and fine-tune detection rules to reduce false alerts and improve accuracy.

- Keep up to date with the latest cybersecurity trends, tools, and attack techniques.

- Work directly with customers to onboard their environments and integrate data sources into our platform.

- Document detection processes and prepare security reports for internal teams and customers.

- Have a good understanding of network security and tools such as firewalls, EDR, email security, proxy, DLP, and IDS/IPS.

Qualifications :

- Bachelors degree in Computer Science, Information Security, or a related field.

- Minimum 5 years of experience in cybersecurity, especially in threat detection, analysis, and incident response.

- Strong knowledge of SIEM tools, log management, and security detection platforms.

- Understanding of attacker methods and frameworks such as MITRE ATT&CK and the Cyber Kill Chain.

- Experience with cloud security and cloud-based threat detection.

- Good communication skills and ability to work with teams and customers.

- Experience working with Security Operations teams to automate alerts and response playbooks.

- Hands-on experience with security tools like SIEM, CSPM, EDR/XDR, SOAR, WAF, and IDS/IPS.

- Security certifications such as OSCP, GIAC (GCIH, GCIA), CISSP, or similar are a plus.

- Practical experience with SIEM platforms such as Splunk, ELK/Security Onion, IBM QRadar, Securonix, Wazuh, or Azure Sentinel, including writing queries, building dashboards, and onboarding new data sources.