
Job Description

Responsibilities:

• Provide investigation for escalated security incidents.

• Check for false positives and duplicates.

• Provide communication and escalation throughout the incident per the CSIRT guidelines.

• Communicate directly with data asset owners and business response plan owners during high severity incidents.

• Hunt for suspicious anomalous activity based on data alerts or data outputs from various toolsets.

• Perform analysis of log files to collect more contextual information in order to triage the security threat.

• Provide forensics analysis and investigation.

• Drive containment strategy during data loss or breach events.

• Triage and resolve advanced vector attacks such as botnets and advanced persistent threats (APTs).

• Work directly with data asset owners and business response plan owners during high severity incidents.

• Provide tuning recommendations to administrators based on findings during investigations or threat information reviews.

• Collect contextual information and pursue technical root cause analysis and attack method analysis.

• Make content determination to treat the alert as a security incident and assign a severity level.

