Job Description
- Design, implement, and maintain security architecture for on-premises environments.
- Monitor, detect, triage, and respond to security incidents and alerts end-to-end, providing L2 and L3 support; own the incident lifecycle from initial detection through containment, eradication, recovery, and post-incident review.
- Operate and tune Microsoft Sentinel (SIEM/SOAR) — build detection rules, analytic queries, and automated playbooks to reduce mean time to detect and respond.
- Leverage Varonis for data access governance, insider threat detection, and abnormal behaviour alerting across file systems and cloud storage.
- Design, plan, and execute internal Red Team engagements — including scoping, rules of engagement, adversary simulation, and structured debrief — to validate defensive controls and identify gaps before real attackers do. Improve and maintain the Red Team infrastructure in line with the current threat landscape.