1. Take a proactive role in identifying security risks, mitigations, and opportunities to strengthen resilience to cyber-attacks and security incidents.
2. Assist with security incident management and response activities.
3. Maintain and tune the Microsoft Sentinel SIEM solution to recognize and differentiate between normal and unusual system activity.
4. Investigate unusual behavior highlighted by the SIEM, report potential threats or malicious activity, and support security incident response efforts as required.
5. Provide general day-to-day support on managing and responding to security alerts from systems and end users.
6. Perform daily, weekly, and monthly security checks, reconciliation and compliance checks, and investigate exceptions.
7. Support the wider IT team to provide and share technical knowledge and security best practices.
8. Develop dashboards and reports for monitoring real-time log data that clearly report on and highlight critical events.