Found Description
Key Responsibilities

Security Monitoring & Alert Triage

* Monitor and triage security alerts and platform health notifications from SIEM (Microsoft Sentinel), NIDS, NMS, and OT-specific security platforms (Nozomi Vantage, Claroty SRA).
* Perform initial classification of alerts based on severity, asset criticality, and business impact, ensuring timely action in line with customer SLAs.
* Continuously monitor threat detection (MDR) and platform health (CCM) queues across assigned customer accounts during shift.

Investigation & Incident Handling

* Conduct initial investigation and basic correlation of security events following documented SOPs, playbooks, and runbooks.
* Enrich alerts with contextual data - asset information, past incident history, known threat indicators - and update ticketing systems (ServiceNow, iTop) with structured case notes.
* Identify and esc...