* Acted as an escalation point to aid Incident Response and Monitoring in investigations,
including packet analysis, log analysis and malware triage.
* Utilized Splunk Enterprise Security to create correlation searches to detect and alert on
threat entity activity.
* Reviewed threat intelligence feeds for IOCs and actionable items, identified potential threats,
and recommended remediation actions to relevant teams.
* Performed analysis of phishing events, determined the scope of campaigns, and performed
remediation actions.
* Undertook active and passive scans across multiple platforms in the business, utilizing tools
such as Burp and Cymulate.
* Provided ad hoc scans of web applications and domains within the environment when requested,
providing reports on findings and suggesting remediation steps when required.
* Analyzed alerts triggered by suspicious events, including network- and host-based logs,
utilizing Splunk, packet captures, and host logs.
* Recommended improvements in security configurations, processes, and procedures.