Areas of responsibility are as follows:
1. Monitoring & Detection
- Monitor security alerts from various sources, including SIEM (Security Information and Event Management), EDR (Endpoint Detection and Response), firewalls, and IDS/IPS.
- Triage incoming alerts to distinguish between benign events and genuine security incidents.
- Maintain and tune use cases within the SIEM to reduce false positives and improve detection capabilities.
2. Incident Response & Management
- Lead the technical response to security incidents, including malware outbreaks, ransomware, phishing campaigns, data leaks, and unauthorized access.
- Perform digital forensics, including disk and memory analysis, to determine the root cause and scope of an incident.
- Contain, eradicate, and recover from security incidents, ensuring business continuity.
- Document every step of the incident lifecycle, c...