Monitor and analyze security events and incidents.
Establish foundational operations and procedures for SOC.
Manage and improve threat detection and response processes.
Collaborate with stakeholders to ensure alignment on security needs.
Generate reports and dashboards for tracking SOC performance.
Oversee process improvement programs for SOC operations.
Act as a security advisor, providing expertise on security matters.
Guide analysts in protocol adherence and supervise team members.
Maintain up-to-date knowledge of cybersecurity developments.
Regularly review SOC operations and ensure compliance with established processes.
Manage escalation procedures efficiently and ensure timely resolutions.
Monitor and review incident and case records for compliance and efficiency.
Track timeline adherence for SOC activities and enhance efficiency.
Continuously assess and improve SOC team processes and procedures.
Develop and assess metrics to gauge SOC team performance.
Recommend log sources to include or remove from monitoring scope.
Coordinate with external teams during incident management events.
Develop, implement, and maintain SOC policies, procedures, and documentation.
Manage and schedule 24x7x365 SOC operations to ensure resource availability.
Guide the L1 team in use-case development and configuration on SOC monitoring tools.
Provide leadership and oversight for SOC operations, owning the Security Incident Management process.
Integrate SOC, Threat Intelligence, and related processes for operational control.
Deliver client-facing services, managing expectations and service delivery.
Design and track reporting metrics to measure SOC activity effectiveness.
As a Subject Matter Expert (SME) on Cybersecurity, advise on Security Incidents and Threats.
Collaborate with internal and external contacts to remediate security incidents.
Proactively mitigate cybersecurity risks, enhancing detection and response protocols.