SOC Specialist L3
BlackBox
Job Description:
+ Conduct in-depth, real-time analysis of security alerts and incidents, correlating multiple data sources to identify potential threats and vulnerabilities.
+ Employ advanced threat-hunting techniques, leveraging behavioral analytics and machine learning to uncover hidden threats proactively.
+ Lead incident response activities, coordinating with cross-functional teams to contain, eradicate, and recover from cyber incidents.
+ Monitor security systems and tools for potential threats and anomalies.
+ Analyze security alerts and incidents to determine their nature and impact.
+ Collaborate with other security teams and departments to address security issues.
+ Create and refine security content, such as use cases and playbooks.
+ Generate reports from SIEM tools for analysis and reporting.
+ Analyze SIEM or SOAR data for prioritization and escalation.
+ Stay abreast of emerging security threats and technologies, providing recommendations for enhancing the SOC's capabilities.
+ Mentor and develop junior SOC analysts, fostering a culture of continuous learning and improvement.
+ Contribute to developing and refining security policies, procedures, and standards.
Requirements:
+ 5-7 years of relevant experience.
+ Perform operational 'eyes on glass' real-time monitoring and analysis of security events from multiple sources including but not limited to events from SIEM monitoring tools, network and host-based intrusion detection systems, firewall logs, and system logs (Unix & Windows).
+ Perform incident response activities such as host triage and retrieval, malware analysis, remote system analysis, end-user interviews, and remediation efforts.
+ Responsible for responding to security incidents (malware infections, unauthorized access, malicious emails, DDoS attacks) and escalating to the Management team as needed.
+ General knowledge of the capabilities and/or configuration of cybersecurity controls, specifically those relating to firewalls, access control, authentication, anti-virus/anti-malware, patching, and logging.
+ Evaluate the type, nature, and severity of security events with a range of security event analysis tools.
+ Work with the client's Senior Enterprise Security staff as well as the Computer Security Incident Response Team on a day-to-day basis. Demonstrate the capability to make sound decisions based on good security practices and principles.
+ Able to take ownership of tasks and see them through to completion.
+ Willingness to learn, absorb, and correlate technical information, and then be able to interpret and simplify it.