Follow detailed operational process and procedures to appropriately analyse, elevate, and assist in remediation of critical information security incidents.
Correlate and analyse events using the Splunk/LogRhythm/QRadar SIEM tool to detect IT security incidents.
Conduct analysis of log files, including forensic analysis of system resource access.
Review customer reports to ensure quality and accuracy.
Monitor multiple security technologies, such as SIEM, IDS/IPS, Firewalls, Switches, VPNs, and other security threat data sources.
Respond to inbound requests via phone and other electronic means for technical assistance with managed services.
Respond in a timely manner (within documented SLA) to support, threat, and other cases.
Document actions in cases to effectively communicate information internally and to customers.
Resolve problems independently and understand escalation...