Monitor, triage, and investigate security alerts across platforms including SentinelOne (Vigilance), Field Effect Complete, Microsoft Defender, and ThreatLocker;
Correlate events across multiple tools to identify true positives and reduce noise;
Assist in response actions during security incidents (containment, isolation, remediation coordination);
Participate in the full incident lifecycle, including investigation, response support, and post-incident documentation.
Security Operations & Investigation
Analyze endpoint, identity, and cloud activity to identify suspicious or malicious behavior;
Perform targeted investigations and deeper analysis when required;
Leverage available tools and data sources to validate alerts and determine impact;
Support continuous improvement of monitoring and response processes.