Continuously monitoring network traffic, systems, and security events.Identifying cyber threats and analyzing the sources of attacks.Responding rapidly to cyber attacks and managing security incidents.Documenting all security incidents, actions taken, and their outcomes.Identifying and assessing vulnerabilities in systems and networks.

Requirements:

Familiarity with information security principles (confidentiality, integrity, and availability).Knowledge of network protocols (TCP/IP, HTTP, DNS) and conducting network traffic analysis.Proficiency in working with SIEM tools such as Splunk, QRadar, IDS/IPS, firewalls, and Endpoint Protection tools.Skill in documenting and reporting to management and technical teams.Ability to design playbooks for identifying cyber attacks.