- Detection Engineering: Lead the end-to-end management of detection use cases—from concept to tuning—using major SIEM platforms. This includes developing, deploying, and maintaining SIEM correlation rules to strengthen defences.
- SOAR Automation: Develop, deploy, and maintain SOAR playbooks and automation use cases. The focus is on creating playbooks, not scripting automation from scratch, to streamline Incident Response processes.
- Continuous Improvement: Work with Offensive Security and technology teams to enhance capabilities, support purple teaming, and drive operational efficiency through automation and AI integration.
- Minimum 5 years of professional experience across SOC, Incident Response, Forensics, Detection Engineering, and SOAR.
- Hands-on experience with major SIEM/SOAR platforms, including Splunk ES, Splunk SOAR, Microsoft Sentinel, CrowdStrike Next-Gen SIEM, or Palo Alto Cortex XSOAR.
- Expertise in threat detection use case development and a strong understanding of MITRE ATT&CK and attacker TTPs.
- Proficiency in scripting and automation (PowerShell, Python).
- Experience or exposure to IT/OT infrastructure, applications, cloud, mobile, and IoT environments.
At Randstad, we are passionate about providing equal employment opportunities and embracing diversity to the benefit of all. We actively encourage applications from any background.
...