Key Responsibilities

• Lead investigation and incident response activities for high‑severity or complex security incidents across multiple clients.
• Act as final escalation point for incidents unresolved by Tier 1 and Tier 2 analysts.
• Conduct advanced forensic analysis of logs, network traffic, endpoints, and malware to identify root cause and scope.
• Perform proactive threat hunting based on current threat intelligence, TTPs (MITRE ATT&CK), IOCs, and anomalous behavior.
• Develop and refine detection logic, SIEM correlation rules, and EDR/NDR signatures to enhance SOC effectiveness.
• Support incident containment, eradication, and recovery efforts across diverse client environments.
• Collaborate with Threat Intelligence, Engineering, and IR teams to improve tools, data sources, and workflows.
• Identify gaps in an organization’s measurement metrics, telemetry, and logging capabilities and propose enhancement strat...