Responsibilities
- Monitor, triage, and respond to security alerts and events related to cyber threats, intrusions, and system compromises on a daily basis.
- Evaluate security incidents using tools like SIEM and EDR to determine risk levels and escalate critical events to incident response teams according to defined protocols.
- Work with external teams to support incident resolution and manage escalation workflows effectively.
- Inform team leads of operational concerns, including unusual metric trends, active incidents, quality issues, or potential risks, and assist in resolving them when needed.
- Handle assigned incidents throughout the full response lifecycle, including analysis, containment, eradication, recovery, and post-incident review, while maintaining quality standards.
- Keep detailed records for each security case, including findings, actions taken, and root cause analysis.
- Provide timely updates to stakeholders, engage with end-users when necessary, and ensure proper documentation and handover during shift changes.
- Use expertise in security operations to enhance playbooks, standard operating procedures, and training content.
- Support management by proposing improvements or adjustments to detection use cases to strengthen organizational security.
- Be available for paid overtime when required to meet operational demands.
Work Arrangement
Remote
Other
- Operates on a 10x4 Wednesday to Saturday weekly schedule as part of a 24x7 global monitoring function.