Job Description

- Deep dive analysis on alerts and incidents on SIEM, EDR and other security controls. Deliver technical tasks of complex nature as per the timelines assigned - Maintain activity log, SLA details and other critical information necessary for the smoother execution of project - Resolve all technical issues / queries which are assigned / escalated - Partner with other cross-functional teams and client teams to provide effective resolution - Guide and share information with other analysts and teams - Use case creation, content development, playbook creation and automation with API s will be added advantage. - Automation of all L1 L2 activities, - Single point of contact to the client stakeholders - Perform threat modelling of the client assets and accordingly define the necessary use cases - Improvise threat hunting capabilities of the technology Continuous development of analytical, statistical, mathematical models leveraging AI/ML capabilities of the technology to threat detection and prediction capabilities and put in place advanced use cases - Continuous fine tuning of configuration, rules, policies etc. Continuous innovation and automations in intuitive dashboards, report, queries. - Optimization of response time to fetch data, logs in advanced queries, reports, dashboards etc. - Provide necessary support during the Forensics investigation and threat hunting - Perform continuous assessment of respective solution maturity against global standards and fine tune the configuration parameters, technical policies, rules, algorithms accordingly. - Prepare road map for product maturity and enhancements plan and ensure the recommended featured deliver within the agreed times. - Provide on the job training to the client and the team. - Participate in client meetings, discussions etc. - Above is illustrative list of general activities. Technology specific activities shall be arrived at in consultation with the Client Project Manager.