Investigate and triage complex security incidents, ensuring timely and accurate resolution.
Perform root cause analysis on security incidents and provide recommendations for remediation.
Utilize XSOAR, EDR, SIEM and similar technologies to monitor and analyse security events.
Coordinate and collaborate with cross-functional teams, including IT, development, and compliance, during security incidents.
Develop and implement incident response playbooks, processes, and procedures. Keep up to date with the latest cyber threats, vulnerabilities, and mitigation techniques.
Good experience with the end-to-end security incident management process, with hands-on experience in an incident management (IM) tool.
Proficient with SOAR (e.g., DefensePro) and tools like SIEM (e.g., QRadar).
Deep understanding of network protocols, firewalls, IDS/IPS, and security best practices.
Experience in analysing malware, phishing, and other advanced persistent threats (APT).