Key Responsibilities

• Lead high‑severity incident response and containment activities, coordinating with stakeholders across IT and business units.
• Conduct in‑depth forensic analysis on endpoints, networks, and logs to determine the root cause and impact of security incidents.
• Develop advanced detection use cases and correlation rules based on threat intelligence and TTPs (MITRE ATT&CK, etc.).
• Perform proactive threat hunting using SIEM, EDR, and threat intel feeds to uncover undetected threats.
• Review and fine‑tune alerts, playbooks, and automation workflows to reduce false positives and improve SOC efficiency.
• Mentor L1 and L2 analysts, providing guidance, training, and quality review of investigations.
• Serve as a technical escalation point for complex security issues and investigations.
• Contribute to incident post‑mortems and provide recommendations to improve security posture and processes.
• C...