Job Description
Role Overview
This role supports Security Operations Centre (SOC) activities, including monitoring, investigation, threat hunting, and incident response. The resource operates as a second line of defense, translating alerts into actionable findings and improving detection capability.
Core Responsibilities- Perform L2 triage and investigation of security alerts across SIEM, EDR/XDR, email, identity, network, and cloud platforms
- Correlate events to identify root cause, scope, and impact of security incidents
- Investigate phishing, malware, account compromise, and unauthorised access cases
- Conduct proactive threat hunting using threat intelligence and MITRE ATT&CK
- Support containment, remediation, and recovery activities
- Contribute to SOC improvements (playbooks, detection tuning, onboarding of new tools)
- Degree or Diploma in Cybersecurity, IT, or related field ...