Tines is a no-code SOAR (Security Orchestration, Automation, and Response) platform built specifically to help SOC teams automate repetitive tasks, route alerts, and orchestrate complex incident response workflows without needing heavy software engineering.
Core Capabilities for SOC Teams:
- EDR Integration: Tines is not itself an Endpoint Detection and Response (EDR) product; it connects to EDR platforms through their APIs to pull in detections and drive containment actions (for example, isolating a host) from within a workflow.
- Intelligent Workflows: Build end-to-end “Stories” (automated workflows) ranging from fully autonomous, agentic responses to human-in-the-loop approvals.
- Vendor Agnosticism: Integrates via APIs with almost any tool in your security stack (SIEM, EDR, Cloud platforms, LLMs, or internal tools).
- Assisted Operations: Leverage AI-driven chat features and workbenches directly in the platform to query data, summarize tickets, and determine safe actions.
- Framework Alignment: Tines is designed around the SOC Automation Capability Matrix (SOC ACM), allowing teams to systematically classify and mature their automation programs.
Skills Required (8+ years of experience for an L3 analyst)
- Knowledge of or experience with a SIEM tool (preferably Splunk) and SOAR tools (preferably Tines).
- Exposure to the MITRE framework (e.g. ATT&CK) or equivalent; hands-on experience with EDR platforms (CrowdStrike), threat analysis, threat hunting, and incident response.
- Experience in analysing security incidents and responding to them in a methodical manner.
- Knowledge of network security, system security, and endpoint security.
- Experience in event monitoring, analysis, and escalation; able to provide input to SIEM content management (detection rules and use cases).
- Experience in producing daily, weekly, and monthly reports.
- Willing to work in 24/7 operations.
- Review SIEM escalated incidents and qualify true positives
- Provide a monthly trend and security analysis summary report
- Provide SIEM event and incident analytics support
- Provide a log analysis summary and recommendations on the detection/protection of incidents
- Perform advanced triage and work in collaboration with resolver groups, third parties, or designated customer contacts
- Liaise between cross-functional teams and assist in formulating the security incident response report
- Advocate protection and mitigation strategies to be implemented from lessons learnt exercises
- Strong knowledge of operating systems, namely Windows, Linux, and macOS
- Strong understanding of cybersecurity threats
- Knowledge of recent cybersecurity trends
- Experience in creating rules in SIEM
- Understanding of the usage of AI in cybersecurity
Soft skills
- Good verbal and written communication skills
- Willing to work in a 24×7 environment
- Travel may be assigned from time to time
- A continual-improvement mindset toward systems and processes, demonstrated in day-to-day work
- Client-facing technical analysis report and presentation skills