Ensign InfoSecurity Hiring! Full Time Cybersecurity Technical Lead, Advanced Analytics in - Ricebowl

Key Responsibilities

1. Technical Leadership and Delivery

• Provide hands-on technical leadership in the design, deployment, and optimization of SOC-related technologies (SIEM, SOAR, TIP, UEBA, BAS, Data Streaming, etc.).
• Act as the technical authority for solution design, integration, and performance validation across hybrid and multi-cloud environments.
• Lead complex client implementations, ensuring solutions meet functional and security requirements.
• Mentor and guide engineers in advanced SOC technologies, detection engineering, and automation best practices.
• Support project managers in technical planning, risk mitigation, and quality assurance.

2. Advanced Analytics Engineering

• Develop and fine-tune advanced detection, correlation, and automation content for SOC platforms.
• Build and enhance Detection-as-Code and Automated Response Frameworks, integrating with AI/ML and Threat Intelligence pipelines.
• Design and implement scalable data pipelines and enrichment workflows to support large-scale analytics.
• Conduct architecture and performance reviews to continuously improve visibility, detection fidelity, and response efficiency.

3. Presales and Solution Design

• Collaborate with sales and solution teams to participate in technical discussions, proof-of-value (POV) exercises, and proposal development.
• Design solution architectures, prepare BOMs, and develop scopes of work (SOWs) for client proposals and tenders.
• Deliver technical presentations, demonstrations, and workshops to clients and prospects.
• Evaluate emerging technologies and recommend innovations to enhance SOC capabilities.

4. Technical Governance and Support

• Establish and maintain governance frameworks for detection content, response playbooks, and integrations.
• Provide advanced troubleshooting and escalation support for complex SOC environments.
• Develop and maintain detailed technical documentation, configuration baselines, and operational guides.

Qualifications and Requirement

• sBachelor’s Degree in Computer Science, Information Technology, or Cybersecurity, or equivalent experience
• .5–8 years of hands-on cybersecurity experience, including deployment and management of SOC technologies
• .Proven technical leadership in SOC engineering or advanced analytics domains
• .Deep expertise in at least two of the following
• :SIEM/XDR/UEBA: Splunk, Elastic, Exabeam, Microsoft Sentinel, Google SecOps, Crowdstrike, Palo Alto XD
• RSOAR: Cortex XSOAR, Splunk SOAR, or equivalent
• sTIP: Anomali, EclectiqIQ, or similar platform
• sBAS/Data Streaming: Cymulate, AttackIQ, Cribl, Confluent, etc
• .Experience with DevSecOps, CI/CD automation, or Cloud environments (AWS, Azure, GCP)
• .Strong problem-solving and troubleshooting skills, capable of resolving complex technical escalations
• .Excellent communication and documentation skills; comfortable engaging with technical and non-technical stakeholders
• .Professional certifications such as SANS, ISC2, Splunk, Elastic, or Cloud Security credentials are advantageous
• .A passion for cybersecurity innovation, continuous learning, and elevating technical standards across the team