Monitor, triage, and investigate security alerts from XDR, EDR, SIEM, DLP, and other cybersecurity platforms to ensure rapid detection and response.
Conduct threat hunting activities to proactively identify risks, malicious behaviors, and potential intrusions across networks and endpoints.
Analyse system logs, intrusion artifacts, and network traffic to trace adversary activity, map attack patterns, and uncover vulnerabilities.
Manage, deploy, and optimize core cybersecurity tools, including SIEM, Web Application Firewalls (WAF), IPS/IDS, SOAR automations, and other defensive systems.
Review the company's overall cybersecurity posture, identify gaps, and propose and execute initiatives to strengthen governance, policies, and technical defenses.
Continuously review and harden network, application, and system security to mitigate emerging threats.