Required: SOC Experience: 5+ years in a Security Operations Center environment with exposure to mature SOC operations and best practices SIEM Expertise: Hands-on experience with Splunk Enterprise Security or comparable enterprise SIEM platforms (building correlation searches, alerts, dashboards, and ES-specific frameworks) Detection Engineering: Proven experience developing security detections, use cases, and alert tuning methodologies MITRE ATT&CK Framework: Practical application of MITRE ATT&C