• Monitor security events using SIEM and other security tools, performing initial triage and correlating signals across multiple sources. • Execute incident response activities, including detection, investigation, containment, remediation, and documentation of security incidents. • Analyze alerts and security anomalies to identify legitimate threats, false positives, and situations that require escalation. • Perform perimeter protection activities, maintaining continuous oversight of firewalls, IDS/IPS, and other boundary security technologies. • Conduct in-depth investigations following defined processes and playbooks, ensuring consistent and high-quality incident handling. • Support enhancements to security monitoring, detection logic, and Blue Team processes. • Collaborate with internal teams to implement improvements to policies, controls, and procedures. • Test and validate new tools and technologies to strengthen threat detection and response capabilities. • Produce clear and structured reports on incidents, findings, and remediation steps. • Contribute to continuous learning by staying up to date on cybersecurity trends, threat actors, and defensive techniques.

• Analyze and validate investigations completed by the AI Agents for accuracy, completeness, and risk • Correlate data from various data sources including cloud, endpoint, identity, network, etc. to understand the full picture of a malicious activity • Investigate malicious activity that the 7AI Agents responded to and understand the complexity of the attack that was stopped including the risk that was prevented for customers • Use our advanced AI Agents to hunt in customer environments to detect and remediate emerging threats, ultimately contributing to detections that will be folded back into the product • Assist customers with ongoing threat monitoring, triage, and prioritization of security alerts as needed but especially during incidents to resolve threats and secure the environment • Proactively identify potential threats and anomalies in customer environments by reviewing logs and malicious findings • Utilize your supreme communication skills to engage with customers who vary in their level of technical depth and focus (from SOC analysts to CISOs) • Architect processes while we build out this elite organization to scale the operation sustainably while maintaining consistent quality • Collaborate with the Engineering and Product teams, providing feedback on the customer experience and assist in optimizing and tuning the AI platform • Stay current with emerging cybersecurity trends, vulnerabilities, and new attack techniques, especially the field of AI-driven attacks

Role Description We are seeking a skilled and proactive Splunk Engineer to lead and manage, enhance SOC operations for a UAE based client. - Play a critical role in ensuring the effectiveness of our Splunk SIEM based SOC. - Enhance use cases and playbooks, and address incident management gaps. - Work with the Security Manager to improve Threat detections, improve Risk scoring and powerful case response. - Collaborate closely with a remote SOC team in India to meet client requirements and improve overall SOC performance and effectiveness. Qualifications - 5+ years of experience in Splunk Admin operations, including at least 3 years as a Splunk Engineer or equivalent role. - Proficiency in Splunk Enterprise Security, including developing and maintaining use cases, dashboards, and playbooks. - Strong understanding of SIEM concepts, architecture, best practices. - Proficiency in scripting, automation and query languages (Regex, SQL, Python, Bash etc.). - Familiarity with Windows, Linux, & network device log formats. - Basic knowledge of security frameworks such as NIST, ISO 27001, or MITRE ATT&CK. - Proven experience in incident management and threat analysis. - Hands-on expertise in security monitoring, log analysis, threat hunting. - Knowledge of network security, endpoint security, and cloud security concepts and architecture. - Strong communication and client management skills. - Good troubleshooting and problem-solving attitude. - Capable to work under pressure and manage multiple priorities. - Familiarity with UAE regulatory frameworks & compliance requirements (Optional, e.g. UAE IAR). Requirements - Develop, optimize, and maintain Splunk use cases, dashboards, alerts, and reports to enhance SOC capabilities. - Design and implement effective Splunk playbooks for incident detection, response, and escalation. - Conduct regular health checks and performance tuning of Splunk environments. - Coordinate weekly with the Security Manager (Sr. Consultant), report and take directions. - Participate in meetings with the client IT teams and stakeholders along with the Security Manager. - Develop and fine-tune correlation rules, alarms, and dashboards for advanced threat detection. - Identify gaps in existing use cases and recommend improvements. - Identify gaps in current SOC operations and implement corrective actions. - Provide hands-on support for advanced incident analysis and forensic investigations. - Ensure consistent and accurate incident reporting to stakeholders. - Act as the primary point of contact for client escalations related to SOC operations. - Collaborate with the Security Manager to align SOC deliverables with client expectations. - Participate in regular client meetings to report on SOC performance and improvements. Benefits - Education: Bachelor’s degree in Information Technology, Cybersecurity, or related field. - Splunk certifications (e.g., Splunk Certified Admin, Splunk Certified Power User, Splunk Certified Architect). - Other Cybersecurity certifications will be an added advantage (e.g., CEH, Application Security, OWASP Top 10, ISO 27001, CSA (Certified SOC analyst), Certified Incident Handler (CIH)).

Title: Security Officer - 32hrs/week - Aurora Aurora, MN Part time Job Description: Building Location: Northern Pines Medical Center Department: 2067590 SECURITY - NPMC HOSP Job Description: Eager to launch your continue your career with the region's most esteemed healthcare provider? Essentia seeks passionate individuals like you. As our Security Officer, you'll be more than an employee; you'll be a vital member of a community dedicated to provide safety to our patients and employees. Education Qualifications: - No education requirements Security Officers protect and safeguard patients, staff, other persons, assets and facilities within Essentia Health. Key Responsibilities: - Patrolling the healthcare environment to deter criminal activity, identify hazards, prevent incidents and safety accidents - Respond to emergencies, alarms, disasters, and threatening situations with violent, dangerous or combative persons - Enforce medical campus rules and take action to maintain order and prevent disruption or interference with medical center operations Schedule: 3:00pm - 11:00pm - Week 1: Monday Tuesday, Thursday, Friday - Week 2: Tuesday, Wednesday, Saturday, Sunday Licensure/Certification Qualifications: Certification/Licensure Required: - Completion of the Basic Training for Healthcare Security Officers from the International Association of Healthcare Safety and Security within 1 year of hire and renewal is not required - Current Basic Cardiac Life Support (BCLS) within 3 months of hire - Completes de-escalation training within 5 months of hire if no previous de-escalation training or has not had a de-escalation training/refresher within past 3 calendar years The locations listed below must meet the driving requirements and criteria acceptable to Essentia Health's insurer. - ST. JOSEPH'S MEDICAL CENTER - 4010-4007590 SECURITY - SJMC - FARGO - 3010-3017590 SECURITY - 32ND HOSP - DETROIT LAKES - 3110-3067590 SECURITY - DL HOSP - DULUTH - 2010-2047590 SECURITY - SMDC HOSP - DULUTH PARKING ENFORCEMENT - 2020-2009200 SMDC SURFACE LOTS - SMMC HOSP FTE: 0.8 Possible Remote/Hybrid Option: Shift Rotation: Day/Eve/Night Rotation (United States of America) Shift Start Time: 3:00pm Shift End Time: 11:00pm Weekends: Every Other Holidays: Yes Call Obligation: No Union: Union Posting Deadline: Compensation Range: $19.28 - $28.92 Employee Benefits at Essentia Health: At Essentia Health, we're committed to supporting your well-being, growth, and work-life balance. Our comprehensive benefits include medical, dental, vision, life, and disability insurance, along with supplemental options to fit your needs. We offer a 401(k) plan with employer contributions to help you plan for the future, and we invest in your professional development through training, tuition reimbursement, and educational programs. To help you thrive both at work and at home, we provide flexible scheduling, generous time off, and wellness resources focused on your physical, mental, and emotional health.