Monitor, triage, and investigate security alerts from XDR, EDR, SIEM, DLP, and other cybersecurity platforms to ensure rapid detection and response.
Conduct threat hunting activities to proactively identify risks, malicious behaviors, and potential intrusions across networks and endpoints.
Analyze system logs, intrusion artifacts, and network traffic to trace adversary activity, map attack patterns, and uncover vulnerabilities.
Manage, deploy, and optimize core cybersecurity tools, including SIEM, Web Application Firewalls (WAF), IPS/IDS, SOAR automations, and other defensive systems.
Review the company's overall cybersecurity posture, identify gaps, and propose and execute initiatives to strengthen governance, policies, and technical defenses.
Continuously review and harden network, application, and system security to mitigate emerging threats.
Stay ahead of evolving cyber threats by monitoring news, threat intelligence feeds, and security advisories, ensuring proactive risk mitigation.
Lead and support incident response processes, including containment, eradication, root cause analysis, and recovery efforts.
Conduct staff training and security awareness programs to build a culture of cybersecurity vigilance.
Collaborate with cross-functional teams to ensure security is integrated into projects and operational processes, aligning with internal standards and regulatory requirements.
Bachelor's degree in IT, Computer Science, Computer Engineering, or a related field.
Fresh graduate, or one year of hands-on experience in cybersecurity operations or a software-development-related field.