Are you a passionately curious individual with a steady and unshakable eye for detail? Are you not afraid of searching for a needle in a haystack? Do you think you have the skills and knowledge to be the first line of defense between cyber adversaries and the organization? Do you believe in working for a mission to protect your organization 365*24*7? If you are in love with the tools and technology that help you solve this daunting challenge, then we are looking for you.
Who we are
Payatu is an ISO-certified cybersecurity firm on a mission to make the cyber world safer for organizations, products, and individuals. We work across cutting-edge domains like IoT Security, OT Security, AI/ML, Blockchain, Cloud, and emerging technologies. We are a young, passionate team driven by innovation, excellence, and growth.
What we look for beyond work parameters
Your expertise is your primary qualification, not your degree or certification.
Your publicly known contributions are your credentials.
Your write-ups and blogs reflect your interests and ethics.
You are a perfect technical fit if:
At least 4 to 5 years of experience in handling SOC and Incident Response tasks.
Strong experience in SecOps, Detection Engineering, Threat Hunting, and Security Monitoring.
Experience leading or mentoring SOC analysts across L1/L2 operations.
Knowledge and hands-on experience in Security appliances (IDS/IPS, Proxy, XDR/EDR, Email Security Gateway, Cloud Access Security Broker).
Good knowledge of programming/scripting languages (Python, Go, PowerShell, Bash).
Experience in host and network forensics.
Experience in log analysis with hands-on exposure to Windows and Linux environments.
Experience working on and monitoring cloud environments (AWS, Azure).
Experience with Microsoft Security Stack (Entra ID, Microsoft Defender, Microsoft Sentinel, KQL).
Experience in Threat Hunting and proactive security investigations.
Knowledge of MITRE ATT&CK framework and detection mapping.
Experience in Detection Engineering and SIEM use-case development.
Experience working with Threat Intelligence and IOC enrichment.
Hands-on experience with XDR platforms (Microsoft Defender XDR, CrowdStrike, SentinelOne, Cortex XDR, etc.).
Experience in Identity security monitoring (account compromise detection, privilege escalation, anomalous login detection).
Experience in handling high-severity incidents (P1/P2) and driving incident coordination.
Experience in stakeholder communication, client handling, and security reporting.
You have all our desired qualities if:
You like automating stuff.
You like writing tools.
You have excellent written and verbal communication skills and the ability to express your thoughts clearly.
You have the skill to articulate and present technical things in business language.
You can work independently as well as within a team.
You have strong problem solving, troubleshooting, and analysis skills.
You are passionate about your area of expertise and self-driven.
You are comfortable working in a dynamic and fast-paced work environment.
You are self-driven, proactive, hardworking, and a team player.
You are working on something of your own in your field, apart from official work.
Your everyday work will look like:
Lead and mentor SOC analysts during investigations and escalations.
Handle and coordinate high-severity security incidents (P1/P2).
Monitor, investigate, and respond to security alerts across SIEM, EDR/XDR, cloud, and identity platforms.
Perform proactive threat hunting and identify suspicious activities across environments.
Create, fine-tune, and improve SIEM use cases, detection rules, dashboards, and alerts.
Automate repetitive SOC tasks using SOAR, scripts, playbooks, and workflow automation.
Investigate phishing, malware, account compromise, privilege escalation, and cloud security incidents.
Perform host and network forensic analysis to identify indicators of compromise.
Collaborate with Threat Intelligence teams to improve detections and enrich IOCs.
Develop and maintain incident response guides, SOPs, and SOC operational processes.
Participate in client discussions, incident review calls, and stakeholder reporting.
Continuously improve SOC visibility, detection coverage, and response efficiency.