Roles and responsibilities (6+ years):
- Create and implement advanced correlation rules within the SIEM to identify and respond to emerging security threats effectively.
- Oversee the development and refinement of scripts that unify diverse data sources within the SIEM, ensuring smooth data flow and precision.
- Design and develop scalable security management tools and processes to enhance overall security posture.
- Monitor the health and performance of log sources to ensure reliable data collection and system functionality.
- Generate comprehensive reports as required by Security Operations Center (SOC) management teams to provide insights into security incidents and trends.
- Engage in troubleshooting and problem-solving across multiple technologies, often needing to devise new methods to address complex issues.
- Work closely with the SOC team to optimize SIEM performance, ensuring it meets business needs and provides adequate visibility into critical information assets and infrastructure.
- Develop and maintain cybersecurity policies, standards, and procedures.
- Ensure alignment of cybersecurity initiatives with business objectives and regulatory requirements.
- Collaborate with stakeholders to establish a culture of cybersecurity awareness and compliance.
- Prepare and conduct awareness campaigns for employees, such as phishing campaigns, training, etc.
- Assist in conducting stress testing to ensure the reliability of the security systems.
- Stay informed about relevant laws, regulations, and industry standards (e.g., NIST, ISO 27001, GDPR).
- Prepare and maintain documentation for audits and compliance assessments.
- Coordinate internal and external audits, ensuring timely resolution of findings.