Responsibilities
- Lead the full lifecycle of security incidents, from detection through containment, eradication, and recovery.
- Advance threat intelligence efforts by evaluating new threats and incorporating external data into detection systems.
- Conduct in-depth forensic investigations on endpoints and network traffic to uncover root causes and attacker persistence methods.
- Develop and optimize automated playbooks in SOAR platforms to accelerate and standardize incident response actions.
- Carry out proactive, hypothesis-based threat hunting across enterprise environments.
- Serve as the escalation contact for complex security events and guide junior analysts in advanced investigation techniques.
- Produce comprehensive incident reports and communicate technical findings clearly to both technical teams and executive leadership.