Responsibilities:

📍Security Monitoring and Incident Response: 📍Implement and lead continuous monitoring of security events and alerts using SIEM technologies. 📍Conduct in-depth analysis of security incidents, utilizing forensics and log analysis, to determine the root cause and extent of the compromise. 📍Lead the development and enhancement of incident response processes, ensuring a swift and effective response to security incidents. 📍Conduct tabletop exercises to simulate and evaluate the organization's incident response capabilities. 📍Provide guidance and mentorship to the SOC team during incident investigations, fostering a collaborative and knowledge-sharing environment. 📍Collaborate with external incident responders and law enforcement agencies when necessary. 📍Contribute to security awareness initiatives by providing insights and recommendations based on incident analysis. 📍Prepare and deliver comprehensive reports on security incidents to both stakeholders and technical audiences.

Threat Intelligence:

📍Lead the collection, analysis, and dissemination of threat intelligence to stay ahead of emerging cybersecurity threats. -📍Evaluate the relevance and impact of threat intelligence on current security controls and recommend adjustments as needed. 📍Implement and lead the integration of threat intelligence feeds into security monitoring tools to enhance detection capabilities. 📍Collaborate with industry peers and organizations to share threat intelligence and best practices. 📍Lead the development of threat hunting strategies to proactively identify and mitigate potential threats.