Rôles occupés
Security
Real-time log monitoring in the Security Operations Center from different devices such as firewalls, IDS, IPS, operating systems like Windows, Linux, Windows-Web Servers, Databases
• Ensure the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through the performance of formal risk assessments, and internal threat with the use of SIEM tools.
• Advanced understanding to develop the complex Use Cases on the QRadar and Splunk Enterprise Security SIEM Solutions.
• Monitoring security system and diagnosing malware events to ensure no interruption of service.
• Identifying potential threat, phishing attacks, and anomalies.
• Monitoring network traffic for security events and perform triage analysis through EDR tools.
• Investigating phishing emails by reviewing attachments, header information and the resource and taking required actions.
• Responding to cyber security incidents by collecting, analyzing, providing detailed evidence.
• Maintaining & monitoring situation awareness,
• Incident management, incident response
• Receiving, assessing, utilizing information,
• Managing the flow of information
• Security Operations planning, coordination and management
• Project management, coordination, training and monitoring
• Communication, Coordination, Organization, Risk and Crisis management
• Ensuring all quality standards, conducting and reporting statistical analysis
• Information management & information security
• Preparation and presentation of routine and on-demand data-driven reports/briefings
• Handling multiple tasks and responsibilities independently
Network+, Security+, ISO 27001, Security Operation Center Hands-On, SIEM, EDR Security