Lead the response to cybersecurity incidents, including malware infections, data breaches, and insider threats.
Perform real-time and retrospective analysis of security events to identify threats Coordinate with MSSP Security Operations Centre (SOC) teams for monitoring and alerting.
Develop and document incident response plans and playbooks.
Should be expertise on handling the incidents end to end.
Conduct proactive threat hunting to identify unknown threats.
Perform digital forensic analysis on compromised systems to determine root causes.
Use forensic tools to collect and analyse logs, memory dumps, and disk images.
Work with SIEM (Security Information and Event Management) tools to detect anomalous behaviour.
Analyse logs from firewalls, intrusion detection/prevention systems (IDS/IPS), endpoint protection, and cloud security tools.
Improve detection capabilities by tuning security alerts and d...