Key Responsibilities

• Monitor security alerts and events using SIEM and other security tools
• Perform initial triage and analysis of security incidents
• Identify and elevate suspicious activities or potential threats to L2/L3 teams
• Investigate alerts related to malware, phishing, intrusion attempts, and policy violations
• Follow standard operating procedures (SOPs) and incident response playbooks
• Document incidents, findings, and actions taken in ticketing systems