Driver

Exhibit knowledge of attacker lifecycle, TTPs, indicators of compromise (IOCs), and proactively implementing countermeasures to neutralize the threats.
• Act as the focal point for security operations, incident detection and response, threat intel, and contribute to security detection programs
• Identifying and managing a wide range of intelligence sources to provide a holistic view of the threat landscape. (OSINT aggregation)
• Proactive threat hunting of anomalies to identify IOCs and derive custom detection alerts for the IOCs
• Create and enhance SOC/TI, incident handling and response policies, processes and procedures.
• Identifies opportunities to enhance the development and implementation of new methods for detecting attacks and malicious activities.
• Participate as a member of the CSIRT during major incidents and lend contributions to post-Incident review and continuous improvement
• Drive improvements in detection, response capabilities, and operations for the SOC/TI