Posted on: 26/11/2025
Roles and Responsibilities:
- Analyze and monitor security events and alerts from multiple sources.
- Perform real-time incident handling from detection to remediation.
- Apply knowledge of MITRE ATT&CK framework in detection and response.
- Work within a Security Operations Center (SOC) or Managed Security Services (MSS) environment.
- Use SIEM tools such as Microsoft Sentinel, RSA, or LogRhythm.
- Identify false positives and provide tuning recommendations.
- Understand and defend against web/browser-based exploits, APTs, and targeted malware.
- Handle Web-based attacks (OWASP Top 10) and Network-based attacks (DoS/DDoS, system-level threats).
- Demonstrate strong understanding of networking, operating systems (Windows/Linux), and security protocols.
- Understand core security concepts such as lateral movement, privilege escalation, persistence methods, C2 communication, and data exfiltration.
- Investigate the root cause of malware and proactively implement mitigation measures.
- Have a basic understanding of vulnerability assessments and CVSS scoring systems.
- Monitor and analyze incidents using SIEM and vulnerability management tools.
- Conduct threat hunting, incident response, and remediation activities.
- Collaborate with internal teams to improve overall security posture.
- Maintain detailed documentation of incidents, investigations, and implemented controls.
- Stay updated on evolving threats, vulnerabilities, and compliance requirements.
Qualifications:
Education:
- Bachelor's degree in Computer Science, Information Security, or a related field