Job description:
Responsibilities: Operate and manage cyber defence tools to continuously monitor and analyse system activities, identifying potential threats, vulnerabilities, and malicious behaviour. Review and enhance routine monitoring use cases to ensure effectiveness, relevance, and adequate coverage. Develop and implement improvements, including scripting and SIEM/SOAR tuning, to strengthen and automate monitoring, triaging, and analysis processes. Identify security weaknesses across systems and applications, and collaborate with IT teams to prioritise remediation, track progress, and ensure timely patching and risk mitigation. Perform proactive threat hunting to detect indicators of compromise (IOCs), and identify threat actor tactics, techniques, and procedures (TTPs) within the environment. Support 24x7 security operations by handling Tier 2/3 incident escalations, including investigation, response, and reporting of security events. Assist in digital forensic investigation...