I continuously monitored systems, networks, and applications using SIEM tools to identify anomalous activity and potential threats.
I analyzed and classified security alerts, assessing their criticality and impact to prioritize an effective response.
I assisted in the management and response to security incidents by following established containment, mitigation, and remediation procedures, documenting each phase of the process.
I correlated events, analyzed logs, and applied threat intelligence to identify suspicious behavior and malicious patterns.
I optimized rules, use cases, and alert thresholds in the SIEM and other SOC tools to improve detection and reduce false positives.
I participated in simulation exercises, post-incident analysis, and continuous improvement projects to increase the maturity and effectiveness of the SOC.
I evaluated the security of third-party solutions and internally developed applications, conducting risk analyses and technical validations to ensure compliance with security standards.
I performed security testing, verified the proper implementation of controls, and issued recommendations to mitigate vulnerabilities before deployment to production, helping maintain a robust and reliable technology ecosystem.