Accomplished professional with expertise in overseeing security details, security architecture and design, and technical project management. Demonstrates proficiency in network security best practices based on NCA controls, and in endpoint security best practices and operations. Skilled in vendor evaluation, with a strong focus on enhancing organisational security posture.
- Investigating and responding to security incidents.
- Working with the SOC L1 team to identify and prioritize security alerts.
- Conducting in-depth investigations to determine the root cause of incidents.
- Keeping track of SLAs.
- Reviewing SOC documentation and the Incident Response plan based on trends and lessons learned.
- Communicating incident status and updates to the CISO.
- Communicating complex technical concepts to non-technical stakeholders.
- Providing support for audit and compliance activities.
- Guiding overall day-to-day operations and ensuring that events and incidents are detected and responded to in adherence to established processes and procedures.
- Helping create use cases based on the MITRE ATT&CK framework to ensure comprehensive coverage of the threats and tactics commonly employed by APT groups.
- Ensuring documentation is maintained and tracked according to existing SLAs, and acting as the escalation point should issues arise.
- Reviewing SOC documentation, including runbooks, playbooks and the Incident Response plan, based on trends and lessons learned.