Job Description
Job type: Full-time employee
Responsibilities
- Investigate alerts and security incidents in SIEM, EDR, XDR, firewall, IAM and other sources.
- Correlate events and validate false positives autonomously.
- Conduct intermediate analyses, record evidence and document timelines.
- Support containment and escalation when necessary.
- Collaborate with N3, MSS, CSIRT and internal areas to accelerate response.
- Contribute to continuous improvement of rules, playbooks and SOC processes.
Qualifications
- Minimum 2 years experience in SOC, monitoring, investigation or incident response support.
- Strong foundation in Windows/Linux system logs, network logs, and security fundamentals.
- Analytical, organized, collaborative profile.
- Good written and verbal communication and ability to work with client specialists.
- Preferred: Knowledge of MITRE ATT&CK, SOAR, threat ...