• Perform continuous security monitoring and alert analysis using SIEM (Splunk) to detect suspicious
activity, potential intrusions, and policy violations across enterprise environments.
• Conduct in-depth log analysis and correlation across network devices, firewalls, servers, applications,
and endpoints to identify anomalies and unauthorized access attempts.
• Investigate security alerts through structured incident triage, validate true positives, assess severity, and
escalate incidents according to SOC procedures.
• Actively participate in the incident response lifecycle, supporting containment, eradication, recovery,
and post-incident analysis in alignment with organizational playbooks.
• Perform vulnerability scanning and assessments using tools such as Nmap, analyze findings, prioritize
risks, and coordinate with IT teams to support remediation efforts.
• Monitor and analyze alerts from firewalls, IDS/IPS, and endpoint protection platforms to identify
network-based and host-based threats.
• Support the implementation and ongoing management of security controls, including firewall rule
reviews, access control policies, and endpoint security configurations.
• Assist with identity and access management (IAM) operations, enforcing least privilege principles,
supporting MFA implementation, and performing periodic access reviews and account audits.
• Conduct phishing email analysis, identify malicious indicators, and support security awareness initiatives
to reduce social engineering risks across the organization.
• Contribute to risk assessments and compliance activities aligned with NIST CSF, ISO 27001, and CIS
Controls, including evidence collection and control validation.
• Document security incidents, investigations, and remediation actions clearly and accurately for both
technical teams and business stakeholders.
• Collaborate with IT infrastructure, network, and system administration teams to apply patches,
implement system and network hardening, and improve the overall security posture.
• Support continuous improvement of SOC processes, incident playbooks, and detection capabilities
through lessons learned and operational feedback.
- Company industry: Pharmaceutical Manufacturing
- Job role: Information Technology