• Analysis of incidents escalated by N1, providing critical insights and recommendations to improve security and mitigate risks.• Investigation of emails reported as potential phishing by users, contributing to the prevention of potential attacks and improvement of security awareness.• Development and review of playbooks, ensuring efficient processes and rapid response to security incidents.• Management of solutions such as Sentinel, XDR Defender and Cloudflare, strengthening security posture and enhancing threat visibility and control.• Utilization of Kusto Query Language (KQL) to investigate events captured by Sentinel and conduct in-depth investigations, resulting in rapid threat identification and effective response.• Documentation of incidents and investigations in Jira, promoting structured incident management and ensuring clear traceability and communication between teams.

• Monitored and analyzed endpoint activity 24x7 using CrowdStrike XDR, ensuring real-time threatdetection and advanced mitigation strategies.• Investigated and responded to security incidents, achieving rapid containment and resolution withinSLA, minimizing business impact.• Analyzed endpoint behavior to identify anomalies and prevent advanced targeted attacks, reducingsecurity risks.• Isolated compromised endpoints and conducted detailed vulnerability assessments, lowering exposureto future incidents.• Implemented and managed XDR solutions across client environments, ensuring continuous protectionand operational efficiency.• Created detailed security reports, identifying trends and providing actionable recommendations tomaintain system integrity.• Extracted malware remotely for detonation in a sandbox environment, analyzing behavior to supportincident response efforts.• Participated in War Room sessions, collaborating with clients to coordinate incident response strategiesand ensure business continuity.• Managed security tickets and incidents using Zendesk (ITSM), ensuring accurate logging and swiftresolution of issues.• Utilized Splunk Query Language (SPL) to conduct event investigations, improving detection and threatmitigation capabilities.