Job Description
- Monitor, triage, and investigate security alerts across platforms including SentinelOne (Vigilance), Field Effect Complete, Microsoft Defender, and ThreatLocker;
- Correlate events across multiple tools to identify true positives and reduce noise;
- Assist in response actions during security incidents (containment, isolation, remediation coordination);
- Participate in the full incident lifecycle, including investigation, response support, and post-incident documentation.
Security Operations & Investigation
- Analyze endpoint, identity, and cloud activity to identify suspicious or malicious behavior;
- Perform targeted investigations and deeper analysis when required;
- Leverage available tools and data sources to validate alerts and determine impact;
- Support continuous improvement of monitoring and response processes.
Multi-Client SOC Delivery (MSP Environment)
- Manage and prioritize ...