Security Monitoring: Continuously monitor and triage security events using SIEM and other detection tools. Investigate and close security events effectively.
Incident Response: Lead and support security incident response efforts including triage, escalation, resolution, documentation, and post-mortems (e.g., malware, unauthorized access, data leaks).
Threat Intelligence & Analysis: Analyze logs, security events, and OSINT feeds to identify threats and recommend risk mitigation strategies.
Security Documentation: Maintain up-to-date documentation of security processes, incident reports, threat intel, runbooks, and playbooks.
Audit & Compliance Support: Assist with security audits, compliance checks, and vulnerability assessments to ensure policy and regulatory adherence.
Tool Management: Support configuration, optimization, and health of security tools across environments.
Cross-functional Collaboration: Partner with Security, IT, Engineering, Product, Legal, and Business Ops to embed security into daily operations.
Threat Hunting: Drive a proactive threat hunting program using advanced detection tools, data analytics, and behavioral patterns.
IAM & Access Governance: Support the design, implementation, and maintenance of Identity & Access Management frameworks and controls.