T&T - Cyber : D&R - SIEM - Consultant

2 - 6 years

14 - 18 Lacs

Posted: 3 hours ago | Platform: Naukri

Work Mode

Work from Office

Job Type

Full Time

Job Description

Advanced Security Monitoring

  • Monitor and analyse alerts from SIEM, EDR, NDR, Email Security, DLP, IAM, and Cloud Security tools.
  • Validate alerts escalated by L1 and identify true security incidents.
  • Correlate events across multiple data sources to identify attack patterns.

Alert Investigation & Triage

  • Perform deep-dive analysis of suspicious activities (login anomalies, malware alerts, lateral movement).
  • Distinguish between false positives, misconfigurations, and real threats.
  • Enrich alerts with context (asset criticality, user behaviour, threat intel).

Incident Escalation & Coordination

  • Escalate confirmed incidents to IR/L3 with complete investigation details.
  • Coordinate with IT, IAM, Network, and Endpoint teams for containment actions.
  • Ensure SLA adherence and proper ticket updates in ITSM/SOAR.

Threat Indicators & Monitoring Enhancements

  • Identify IOCs and behavioural indicators during investigations.
  • Recommend improvements to monitoring rules and alert thresholds.
  • Support continuous improvement of SOC dashboards and reports.

Documentation & Shift Handover

  • Maintain accurate case notes, investigation steps, and evidence.
  • Prepare shift handover notes and monitoring summaries.
  • Support audits and compliance reporting.

Desired qualifications

  • Education: B.E / B.Tech (Tier 1/2) in Computer Science, Information Technology or related fields
