• Monitor network traffic and security alerts for potential events/incidents.• Conduct initial triage, declare events/incidents, create incident cases, gather evidence, track and update incident status, and identify additional action items.Handle P1 and P2 incidents under the direction of leads and specialists. Follow through to closure P3 and P4 incidents.• Detect, document, respond to and escalate events and incidents in accordance with MSS Incident Handling policies and procedures.• Demonstrate capabilities and techniques that can be used to mitigate Cyber-attacks and threats.• Demonstrate the capability to utilize the Security Tools to investigate and correlate events.• Develop reports and/or briefings for events/incidents. Conduct research on emerging security threats.• Maintain shift logs for all SOC activities conducted during scheduled hours.• Monitor, maintain, and respond to group email and distribution lists.• Create tickets for necessary tasks that need to be executed by external teams. Ensure tasks are communicated via email to the respectable team(s), as well as documenting and tracking activities within tickets according to ticketing procedures, and annotating in shift logs according to shift report procedures. Conduct systems and tools health checks.• Recommend updates to the wiki with relevant content as it becomes known.Ensure that the phones are forwarded to the “On-Call” or appropriate individual when the office is unmanned.• Maintain shift logs for all relevant SOC activities.• Conduct internal and external trainings on various topics related to SOC

• Provide Cyber Security Operations on a 24x7x365 basis by shift work with rotation.• Nessus - Conduct Network Vulnerability Assessment.• Prepare detailed reports, analyze scan reports and suggest remediation/mitigation plan for security vulnerabilities.• Ensure timely delivery of status updates and final reports to client.• Maintain up-to-date documentation of designs/configurations. SOP• Splunk SIEM- Continuous monitoring of alerts queues on SIEM Console, Creating Dashboards, Reports, and Alerts.• Palo Alto FW - Threat Monitoring, Blocking IPs as per the requirement.• Trend Micro AV- Monitor and report on activities such as Known and Unknown Threats, Policy Violation, Managed and Outdated Agents, Unmanaged Endpoints.• Bitdefender GravityZone EDR – Monitoring, Threat Management, Patch Management, Policy Management.• WAF - Monitor network traffic and security alerts for potential threats.