· Act as incident first responder for a 24/7 staffed SOC.
· Monitor security sensors and review logs to identify network anomalies or intrusions.
· Perform initial analysis of security alerts.
· Escalate security incidents using established policies and procedures in a timely manner.
· Work with customers to analyze potential security incidents, identify root cause, and implement mitigation step(s) / remedial action(s).
· Perform response actions based on standardized workflow and agreement with clients.
· Assist with the development of incident response plans, workflows, and SOPs.
· Provide threat and vulnerability analysis and security advisory services.
· Fulfil Change Requests and Service Requests, and respond to internal/external enquiries with regard to Incident Management.