Job Description
Technical Leadership and Incident Handling
- Act as the primary point of escalation for Level 1 analysts for complex security events and potential incidents.
- Perform in-depth investigation and analysis of security alerts using SIEM, EDR and other security tools.
- Lead the response to confirmed security incidents, including containment, eradication, and recovery efforts.
- Conduct advanced threat hunting to identify indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) that evade traditional detection methods.
- Perform detailed analysis of malware and attacker tools.
Team Management and Mentorship
- Provide daily guidance, supervision, and technical direction to a team of Level 1 SOC Analysts.
- Develop and execute a formal training and mentorship program to groom Level 1 analysts into proficient Level 2 analysts.
- Work with the team lead to create and review shift schedules to ens...