✔ Managing shifts as L2 and helping team members with knowledge transfer.✔ Doing weekly/monthly threat hunting for suspicious activity, utilizing EDR and SIEM to find anomalies, and sweeping IOCs in the network for every new advisory.✔ Creating reports for customers related to SOC Incidents/Tickets on a weekly and monthly basis for evaluation, and helping in tuning FP alerts.✔ Creating Runbooks/Playbooks documents for the SOC Team to handle critical alerts accurately.✔ Creating IR plans accordingly for business-critical alerts and audit compliance with customers.✔ Performing Threat intel for the business from 0-day threats, applying patching for outdated services and applications, and sharing advisories with the internal team to prevent threats.

✔ Managing SIEM for Banking clients working as Lead.✔ Managing SEM solutions for Aviation, including upgrading, patching, and creating rules.✔ Monitoring and Investigation of real-time security events from SIEM✔ Identifying GAP and upgradation of outdated SIEM to patch version.✔ Upgradation of SIEM agents to the patch version.✔ Integration and Parsing of custom applications with SIEM.✔ Mapping of Rules concerning MITRE Att&ck Framework.✔ Troubleshooting and resolving errors observed on SIEM.✔ End-to-end investigation against suspicious activity.✔ Quick response against alerts and offenses generated by SIEM.✔ Health check of the components integrated with SIEM.✔ Prepare accurate and timely reports on a weekly or monthly basis.

✔ Monitoring and Investigation of real-time security events from SIEM.✔ Escalation of Critical / High alerts with L2 and relevant teams.✔ Keep the security systems up to date and contribute to security strategies.✔ Apply Security Best Practices and procedures.

✔ Monitoring and Investigation of real-time security events from SIEM.✔ Creation and Updating of rules for alerts against threats.✔ Escalation of Critical / High alerts with L2 and relevant teams.✔ Keep the security systems up to date and contribute to security strategies.✔ Monitoring and Investigations of XDR Alerts from Endpoints.✔ Collecting Logs, and offense/alarms from different log sources to determine intrusions and malicious Offense/Compromise.✔ Apply Security Best Practices and procedures.✔ FIM (File Integrity Monitoring) events are monitored through XDR (On-Prem, On-Cloud).