🎯
Full-Time Opportunity: This is a permanent, full-time position with a competitive package and real career growth potential.
Job Description
Responsibilities
- Monitor SIEM, EDR & XDR dashboards to identify and validate security events in real-time.
- Perform deep-dive analysis on suspicious activity using logs, telemetry, and threat intelligence.
- Exercise investigative autonomy: Move beyond the initial alert to determine the full scope and blast radius of a threat.
- Follow established playbooks & runbooks for incident handling and escalation.
- Correlate logs from multiple sources to verify incidents.
- Playbook Execution & Creation
- Strictly follow established SOPs and Playbooks to ensure consistent incident handling.
- Playbook Authoring: Identify gaps in current processes and draft new playbooks to automate or standardize responses to emerging threats.
- Continuously tune and refine existing alerts to reduce false-positive rates (FPrate).
- Incident Documentation & Escalation
- Create detailed, technical tickets that ...