Description :

- Monitor and analyze security events and alerts generated across platforms such as SIEM, EDR, and IDS/IPS systems.

- Investigate potential security incidents and escalate them appropriately in line with defined incident response processes.

- Correlate events from multiple data sources to detect patterns, anomalies, or indicators of compromise.

- Conduct advanced analysis of cyber threats including malware, phishing campaigns, and other attack vectors.

- Lead and participate in proactive threat hunting activities to identify hidden threats and vulnerabilities before they escalate.

- Administer SOC tools including SIEM, EDR, SOAR, and threat intelligence platforms.

- Manage the integration of log sources, oversee data onboarding, and ensure normalization of data across tools.

- Tune detection rules, correlation logic, and alerting thresholds to minimize false positives and improve alert fidelity.

- Maintain the health of SOC platforms by performing upgrades, patches, and troubleshooting as needed.

- Develop and document Standard Operating Procedures (SOPs), use cases, and incident response playbooks.

- Work in a 24x7 operational environment, supporting round-the-clock security monitoring coverage.