• Acts as the primary liaison with national and industry CERTs, ensuring timely information sharing, collaborative response, and alignment with threat intelligence advisories.
• Supports a global team responsible for SIEM and data detection engineers to enhance threat detection and response capabilities. Partners with threat intelligence, incident response, and vulnerability management teams to enhance threat detection capabilities.
• Supports a global team of automation engineers to enhance automation capabilities, reduce risk, and drive operational efficiency.
• Supports a global team responsible for endpoint, network, email, and cloud Data Loss Prevention (DLP) security controls, along with Data Classification scanning.
• Supports a global team responsible for implementing security monitoring and mitigating external threats across multiple cloud environments (AWS, Azure, GCP), leveraging the CSOC security stack.
• Supports a global team responsible for CSOC development operations, including ServiceNow platform Incident Case Management and enterprise Request development. Understands development and scripting.
• Provides guidance and coaches security teams towards best practices and learnings. Oversees product teams' support of the messaging, communication, and customer outreach as necessary.
• Partners with internal SOC teams and Vanguard businesses to remediate risks.
• Participates in special projects and performs other duties as assigned.