Abdul Majid Siddiqui

 Monitor security alerts and events in real-time to identify potential security incidents.  Analyze and investigate security alerts, incidents, and anomalies to determine their significance.  Triage and prioritize security incidents based on their severity and potential impact.  Document incident details, actions taken, and resolutions in incident reports.  Use security information and event management (SIEM) tools to detect, investigate, and correlate security events.  Review logs for indicators of compromise (IoCs) and suspicious activities.  Maintain awareness of current cyber threats and vulnerabilities.  Monitor and analyze firewall, IDS/IPS, antivirus, and other security device logs.  Participate in shift rotations to ensure 24/7 coverage of the SOC.  Communicate and coordinate with other IT and security teams during incident response.  SIEM component Installation and Configuration according to the Design prepared by the Security architect.  Planning and Onboarding of multiple types of log sources such as Windows servers, Active directories, Checkpoints, Routers, Switches, Office 365, etc. with SIEM  Prepare checklist and Monitor Health Check for SIEM components.  Troubleshooting of issues related to log sources, reports, dashboards, SIEM components etc.  Periodically update and patch SIEM components and installing useful apps.