Job Description
Responsibilities
- Monitor client environments using SIEM platforms to detect, triage, and respond to cybersecurity threats in accordance with agreed SOPs and industry best practices
- Analyse and investigate security alerts escalated from client teams, MSSPs, and internal systems; lead or support incident response through to closure
- Triage alerts from the SIEM to identify notable alerts for escalation, based on established operating procedures or industry best practices
- Advise clients on possible follow-up actions and remediation measures for escalated alerts
- Respond to incidents and critical alerts outside of office hours when required
- Perform indicator of compromise (IOC) searches and triage incoming threat intelligence to assess relevance to client assets
- Gather and report on threat intelligence using the client's Threat Intelligence Platform
- Coordinate with client stakeholders including IT, infrastructure, application, and business teams during active incidents and programme activitie...