Profile / Tasks: 
 

- Manage the existing SOC service, define and periodically communicate key indicators to assess its performance and service level;

- Proposing the development of new use cases within the scope of the external threat scenario, supporting the integration of new recording sources and fine-tuning to minimise false positives and false negatives;

- Analysing and triaging security incident alerts reported by the SOC service and confirming that they are not false positives, sponsoring interaction with the CSIRT/SecOps team;

- Leading security incident management initiatives following internal procedures to ensure that appropriate response procedures are adopted to contain or eradicate the incident as efficiently as possible;

- Communicate new indicators of compromise (IoCs) or misconfigurations to the architecture and security assurance team to support the vulnerability management process and address new cyber risks as quickly as possible;

- Experience with Microsoft Azure Sentinel (valued).