SOC yst

• Recognizesuccessful cyber intrusions and compromises through log review andanalysis of relevant event detailinformation.
• Acknowledgeanalyse validate incidents and alerts triggered by SIEMsolution
• Launch andtrack security investigations to resolution. Recognize cyberattacksbased on their signatures. Differentiate the false positives fromtrue intrusion attempts and help remediate /prevent.
• Activelyinvestigate the latest in security vulnerabilities advisoriesincidents and penetration techniques and notify client whenappropriate.
• Performtasks as identified in a Security Operations Process Manual andrunbooks.
• Coordinatewith Clients internal teams for relevant security incidentinvestigations.
• Conductperiodic Vulnerability Assessment andReporting.
• Configurereports dashboard alerts of Security Events Logs as per customerrequirement.
• Installand Configure LogCollectors.
• Configureand set up alerts for Security Event Log Management with SIEMdeploy agents implement/ fine tunerules.

• Monitoringanalyzing and detecting security events and incidents related toendpoints
• Manage tune and optimizeEDR tool which includes evaluating existingrules.
• Certification isPlus

cyber-attacksrecognition,security event logmanagement,security,dashboard,soc,customer,siem,edr,crowdstrike,security investigations,log review,endpoint detection andresponse,microsoft defender,vulnerabilityassessment,sentinelone