Lead, manage and ensure effective review, prioritisation and handling of alerts generated by multiple security detection platforms, coordinating with SIEM and detection engineering teams for rule enhancements and tuning to reduce false positives and improve alert quality.
Lead, manage and monitor SOC administrative procedures and services delivered by outsourced service providers to ensure alignment with approved security policies, procedures, service level agreements and regulatory requirements, including addressing non‑compliance and operational deviations.
Lead and manage SOC operational documentation including standard operating procedures, playbooks,escalation workflows and response guidelines, and continuously improve SOC processes and analyst approaches to security events highlighted by tools such as SIEM, endpoint protection, APT and other security monitoring platforms.
...