SOC Team Lead
Profile / Tasks:
- Manage the existing SOC service, define and periodically communicate key indicators to assess its performance and service level;
- Propose the development of new use cases within the scope of the external threat scenario, supporting the integration of new log sources and fine-tuning to minimise false positives and false negatives;
- Analyse and triage security incident alerts reported by the SOC service and confirm that they are not false positives, sponsoring interaction with the CSIRT/SecOps team;
- Lead security incident management initiatives following internal procedures to ensure that appropriate response procedures are adopted to contain or eradicate the incident as efficiently as possible;
- Communicate new indicators of compromise (IoCs) or misconfigurations to the architecture and security assurance team to support the vulnerability management process and address new cyber risks as quickly as possible;
- Experience with Microsoft Azure Sentinel (valued).