• Monitor and analyze network traffic, system activities, and security events to detect potential intrusions, attacks, or vulnerabilities.
• Respond to, investigate, and remediate security incidents, ensuring timely resolution and proper escalation where required.
• Perform regular risk assessments, vulnerability assessments, and security audits to identify and mitigate potential risks.
• Conduct penetration testing and security validation exercises to proactively identify weaknesses in systems, applications, and network infrastructure.
• Prepare detailed incident reports, root cause analyses, and recommendations for continuous improvement.
• Manage, maintain, and troubleshoot security infrastructure, including firewalls, VPN (SSL/IPsec), encryption systems, DMZ environments, and endpoint protection solutions.
• Monitor endpoints using EDR and NDR solutions to detect, analyze, and respond to advanced threats.
• Utilize SIEM & SOAR platforms for log monitoring, correlation, and threat detection.
• Monitor and secure Active Directory and identity systems using relevant security tools.
• Administer and support security solutions such as NAC, PAM, and IAM, including daily operations and troubleshooting.
• Integrate network devices and servers (Linux/Windows) with SIEM and other centralized security platforms.
• Collaborate with internal teams and attend technical sessions to ensure alignment of security operations and initiatives.
• Support the implementation and follow-up of cybersecurity projects and initiatives across the organization.
• Promote security awareness by guiding and training staff on cybersecurity best practices.
• Stay updated with the latest cybersecurity threats, vulnerabilities, and technologies to enhance the organization’s security posture.
• Perform any additional tasks assigned by management in line with organizational objectives.
