• Perform real-time analysis and trending of security log data from various security devices and systems.
• Maintain data sources feeding the log monitoring system, and develop and maintain detection and alerting rules.
• Respond to user incident reports and evaluate the type and severity of security events.
• Execute initial triage of incidents to rule out false positives.
• Identify recurring security issues and risks, develop mitigation plans, and recommend process improvements.