- SIEM implementation and support- Vulnerability management and configuration security- Compliance and Risk Management- Incident Response and Forensics- Solution Architecture

The main responsibilities:- full deployment of Splunk and Elastic Cloud environments for new SOC's clients: infrastructure deployment, data ingestion, visualizations, dashboards and detection rules development- leading pilot projects for potential clients- maintenance of the SOC clients' SIEMs: troubleshooting, additional content development, new data source ingestion- detection rules development- performing false positive remediation- automation of security alerts handling process using SOAR solution: new integrations configuration and playbooks development- preparation and delivery of reports on a client's security posture- participation in automation and general improvements of general SOC's processes

Was employed after successful internship completion.The main responsibilities:- real-time monitoring of client's systems security (Windows, Linux, AWS, Azure, GCP, Google Workspace, Microsoft 365, IDS/IPS, firewalls, Apache, Nginx, IIS)- preparation and delivery of monthly reports on security posture for clients- content development for SIEMs (mainly detections and dashboards)- ingestion of new data sources (both predefined and custom)- full deployment of Splunk environments (both clustered and distributed)- full deployment of Elastic environments (cloud only)- automation of security alerts processing using SOAR (processing scenarios development and their implementation as playbooks)Additional experience:- SOAR solution development (Python)

Courses completed:- Windows and Linux administration- Compliance and security standards- AWS- Malware analysis- Computer networks- Python