• Lead security incident investigations and ensure timely containment, root cause analysis, and cross-team collaboration. • Provide expert guidance on SIEM strategy, detection logic, and associated security technologies (EDR, email/web gateways, cloud controls). • Standardize and refine monitoring workflows to improve signal quality, reduce false positives, and expand visibility across the environment. • Leverage data from diverse sources (logs, telemetry, threat intel, case history) to identify patterns, emerging issues, and potential business impacts. • Develop, drive, and execute recommendations—technical or professional—that shape both short-term defensive actions and longer-term operational strategy. • Boost SOC effectiveness by implementing new tools, automation, AI-powered processes, and optimized playbooks supported by clear performance metrics. • Anticipate what’s next by actively monitoring emerging threats and regulatory changes that affect the company. • Mentor and elevate teammates by sharing expertise, modeling strong communication under pressure, and supporting a culture of learning within the SOC. • Collaborate closely with Technology teams, Legal/Privacy, Risk & Compliance, vendors, and third-party service providers. • Act as a subject matter expert for technology, policy, and regulatory topics in your area. • Maintain relevant professional certifications and stay current through conferences and ongoing professional development. • Advise peers and leadership on emerging risks, best practices, and operational implications.