Overview
The role focuses on driving effective day-to-day security operations, with strong ownership of incident investigation, threat detection, and response activities across WFP’s infrastructure and network.
Key Responsibilities
- Monitor the WFP environment for potential cyber incidents using available tools and telemetry.
- Provide Tier 2/3 investigation and analysis for potential cyber incidents.
- Provide assistance to vulnerability management/network security activities.
- Identify and evaluate tools and/or services needed to establish regular incident detection and response.
- Contribute to SOAR and playbook development and guarded automation.
- Coordinate remediation actions for network security exposures and incidents.
- Support tickets routed to TECI, including taking ownership of complex cases.
Required Experience
- 6-8 years’ relevant experience in the areas of SIEM, Incident Management, Network Security and/or Security Platforms/Tools administration.
- Strong practical experience in cybersecurity operations, including incident response, investigation, and threat analysis.
- Hands-on expertise with modern security platforms and telemetry, including SIEM, endpoint, identity, and cloud signals.
- Experience translating security findings into actionable remediation and operational improvements across technical teams.
- Comfortable working with automation, enrichment, and scripting (e.g. PowerShell or Python) to improve efficiency and reduce noise.
Qualifications
University degree in computer science/engineering or an equivalent discipline.