The opportunity
Your key responsibilities
· Operational support using SIEM solutions (Splunk, Sentinel, CrowdStrike Falcon LogScale), EDR (CrowdStrike, Defender, Carbon Black) and NSM (Fidelis, ExtraHop) for multiple customers.
· Specialize in second-level incident validation and more detailed investigation.
· Perform incident coordination and communication with the client to ensure effective containment, eradication, and recovery.
· SIEM support activities, including ad hoc reporting and basic troubleshooting.
· Advise customers on best practices and use cases for using this solution to achieve their end-state requirements.
· Provide near real-time analysis, investigation, reporting, remediation, coordination and tracking of security-related activities for customers.
Skills and attributes for success