• Help in the implementation of strategies for threat analysis and vulnerability assessments. • Participate in tier 2/3 security operations support, and incident handling. • Perform proactive research to identify and understand new threats, vulnerabilities and exploits. • Design and implement and monitoring IDS, Firewall and log correlation tools for threats, initiate remediation actions per procedures where required. (Snort, Splunk.). • Day to day review of SIEM events/alarms (Alien Vault, Security Onion). • Proactively assess potential items of risk and vulnerability in the network & systems. • Monitor open source channels (e.g. vendor sites, Computer Emergency Response Teams, SysAdmin, Audit, Network, Security (SANS) Institute, Security Focus) to maintain a current understanding of Computer Network Defense (CND) threat condition and determine which security issues may have an impact on the enterprise. • Perform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system logs) to identify possible threats to network security. • Performing cyber incident response analysis by using some of Leverages tools like FireEye suite, GRR, Cuckoosandbox, MISP - Malware Information Sharing Platform, etc. • excellent knowledge with automation incident response platform (Thhive project with cortex analyzer • Identify intrusion artifacts at the host and network level, have a strong understanding how discovered data can be used to enable CND hunts and incident mitigation within the enterprise.