Tasks and Responsibilities
- Assist customers with security related issues.
- Review and validate alerts escalated by Security Analysts.
- Assist Security Analysts on the complex cases and provide guidance
during and after a security incident.
- Reviewing customer reports to ensure that quality and accuracy are
meet.
- Working with customers to create use cases, correlations rules,
filters, …. etc.
- Creation and tuning IDS rules.
- Fine tuning alerts.
- Reacts to customer’s escalations.
- Mentor and Train security analysts in both technical and process
areas.;
- Create incidents and support the customers of such incidents to not
only mitigate the current threat but also prevent future occurrence.
- Provide support and recommendations to customers in the interest of
promoting and maintaining an appropriate security posture.
- Perform vulnerability management.
- Be part of on-call rotation team for off-shift escalations.
- Participates in security investigations.
- Provide feedback for improvement.
- Follow the incident response process to ensure all security
incidents are created and escalated within SLA.
- Participates in organizational projects, as required.
- Ensure that all the security controls in scope are deployed and are
working properly and are meeting the customer needs.
- Participates in Endpoint Detection and Response as well as Network
Detection and Response management on behalf of customers.