Monitor and analyze security events and alerts across various platforms (SIEM, EDR, IDS/IPS, etc.).
Investigate potential security incidents and escalate as appropriate, following defined incident response processes.
Correlate events from multiple sources to identify patterns or anomalies.
Perform advanced analysis of cyber threats, malware, phishing, and other attack vectors.
Lead and participate in threat hunting activities to proactively identify potential threats and vulnerabilities.
Serve as the administrator for SOC tools including SIEM, EDR, SOAR, and threat intelligence platforms.
Manage integration of log sources, data onboarding, and normalization across tools.
Tune detection rules, correlation logic, and alerting thresholds to reduce false positives.
Maintain system health, perform upgrades/patches, and troubleshoot issues with SOC platforms.
Develop and document standard operating procedures (SOPs), use cases, and playbooks.
24 into 7

Security Operations Center Analyst