Skill Sets:
SIEM, EDR, XDR, SOC Analyst
Job Details:
• Analyse and triage security alerts escalated from L1 SOC Analysts.
• Investigate security incidents using SIEM, EDR, XDR, and threat intelligence tools.
• Conduct deep analysis to identify the full attack kill chain of security incidents.
• Lead and coordinate initial incident response: containment, mitigation, and recovery.
• Escalate critical or unresolved incidents to L3 teams with detailed findings.
• Prepare Root Cause Analysis (RCA) reports for major incidents.
• Develop and fine-tune detection rules, use cases, and correlation logic in SIEM platforms.
• Recommend new detection use cases with logic, thresholds, and query optimizations.
• Identify security gaps and recommend enhancements to L3 teams or clients.
• Handle L2 and above technical escalations and ensure resolution within SLA.
• Create and update incident tickets; maintain thorough documentation of investigation and remediation.
• Execute predefined SOAR playbooks for incident response.
• Monit