Lead investigation and response for complex or high-impact security incidents, including coordination across cross-functional teams.
Oversee daily security operations to ensure timely detection, triage, and resolution of security alerts and incidents.
Drive improvements in detection coverage, including tuning alerts, queries, and dashboards across SIEM (Elastic) and EDR platforms.
Develop and enhance incident response processes, playbooks, and operational workflows.
Work with IT and business stakeholders to implement remediation actions and strengthen security controls.
Oversee vulnerability management prioritisation and remediation tracking with system owners.
Identify and implement automation, AI-assisted analysis, and workflow improvements to improve operational efficiency, alert triage, and response consistency.
Evaluate and apply AI-enabled tools or techniques to ...