Devitechs
✔️ Monitor security events, logs, and alerts using SIEM tools like Splunk, Azure Sentinel, or QRadar.
✔️ Investigate suspicious activities, security breaches, and potential threat vectors.
✔️ Conduct vulnerability scans and apply risk mitigation based on findings.
✔️ Develop, implement, and maintain incident response processes and playbooks.
✔️ Monitor firewalls, IDS/IPS, endpoint security, and threat-intelligence platforms.
✔️ Perform root-cause analysis for security incidents and recommend preventive measures.
✔️ Maintain compliance with NIST, ISO 27001, SOC2, HIPAA, or PCI DSS standards.
✔️ Conduct phishing simulations and cybersecurity awareness training.
✔️ Create and maintain security documentation, reports, and dashboards.
✔️ Configure access controls, MFA, identity management, and privileged accounts.
✔️ Collaborate with IT teams to patch security vulnerabilities and software flaws.
✔️ Track emerging threats, malware patterns, and zero-day vulnerabilities.
✔️ Develop automated detection scripts for faster threat identification.
✔️ Evaluate and recommend new security tools and technologies.
✔️ Support forensic investigations and evidence gathering when needed.
✔️ Secure cloud environments and perform cloud posture assessments.
✔️ Monitor data loss prevention (DLP) systems and insider-threat indicators.
✔️ Coordinate with external auditors, vendors, and regulatory bodies.
✔️ Ensure secure configuration of servers, endpoints, and applications.
✔️ Provide post-incident analysis and continuous security improvements.