Responsibilities Monitor client environments using SIEM platforms to detect, triage, and respond to cybersecurity threats in accordance with agreed SOPs and industry best practices Analyse and investigate security alerts perform deep-dive log analysis across system and OS layers to establish baselines and identify anomalous behaviour Map threat tactics, techniques, and procedures (TTPs) to the MITRE ATT&CK framework and construct plausible attack-path hypotheses to inform containment actions Produce escalation reports and notes manage triage workflow and identify improvements to automation playbooks Conduct IOC-based reactive threat hunts against limited TTPs Operate SIEM, SOAR, EDR, and wider security tooling within the scope of the service engagement Perform indicator of compromise (IOC) searches and triage incoming threat intelligence to assess relevance to client assets Coordinate with vendors, external CERTs, and internal business stakeholders during incident response activities M...