Responsibilities:

Configure, maintain, and optimize FortiSIEM solutions. Develop and implement SIEM use cases and rules. Monitor and analyze SIEM s and logs for security incidents and anomalies. Perform regular updates, patches, and system health checks. Proactively search for threats and indicators of compromise (IOCs) within the network. Develop threat hunting methodologies and playbooks. Utilize advanced threat detection tools and techniques to identify malicious activities. Conduct deep-dive investigations and forensic analysis on security incidents. Lead and coordinate response efforts during security incidents. Perform root cause analysis and develop remediation plans. Document incidents, findings, and actions taken in detailed reports. Collaborate with other IT and security teams to enhance incident response capabilities. Continuously monitor network traffic, logs, and security events for suspicious activities. Analyze and interpret data from various security tools (IDS/IPS, firewalls, EDR, etc.). Provide recommendations for security improvements based on analysis and findings.