• Continuously monitor the Security Information and Event Management (SIEM) dashboard and leverage security tools to detect potential security incidents and anomalies in real-time. • Analyze incoming alerts to determine their relevance and urgency; effectively distinguish between false and true positives to prioritize response efforts. • Conduct investigations by gathering context and other relevant logs to understand scope of alert. • Strictly adhere to established Service Level Agreements (SLAs), Incident Response (IR) playbooks and Standard Operating Procedures (SOPs) to ensure consistent and compliant handling of security events. • Create, update, and manage tickets in our case management system, ensuring all investigative steps, communications, and findings are thoroughly documented. • Identify and escalate complex or high-severity incidents to Tier II or Incident Response Team, providing clear details and a comprehensive summary of initial findings. • Perform basic remediation actions, such as blocking indicators and isolating compromised hosts, when authorized by SOPs or directed by senior personnel. • Demonstrate excellent verbal and written communication skills, when communicating with team members, clients, and/or stakeholders. • Contribute to the team’s knowledge base, creating or updating articles, SOPs, and/or playbooks when new trends or resolution methods are identified.