AssistantManager,CybersecurityIncidentResponse

We are currently partnering with a leading technology-driven telecommunications organization that is scaling rapidly to support new digital initiatives and platforms. As part of this expansion, multiple roles are open across key functions to help build, maintain, and enhance next-generation solutions. This opportunity offers exposure to large-scale systems, innovative technologies, and a collaborative environment where skills and ideas make a real impact. Accountabilities: - End-to-end management of cybersecurity incidents, ensuring timely detection, triage, investigation, and resolution - Achieving and maintaining target MTTD (Mean Time to Detect) and MTTR (Mean Time to Respond) benchmarks. - Effective administration and optimization of the Elastic SIEM platform, including rule creation, tuning, and integrations. - Development of accurate and relevant detection use cases aligned with evolving threat patterns and organizational needs. - Ensuring timely escalation and coordination with internal and external stakeholders during major incidents. - Providing transparent and comprehensive incident reporting to leadership and relevant teams. - Drive operational excellence through monitoring, alerting, timely investigation and continuous fine tuning the alerts - Partner with Data Engineering, Architecture, Security, Infrastructure & Tooling teams to ensure aligned technical cyber security discussions Responsibilities: - Monitor, triage, and investigate alerts from multiple log sources (network, endpoint, cloud, and application). - Create, refine, and manage SIEM detection rules to capture the latest attack patterns. - Conduct log analysis and event correlation to identify potential intrusions or malicious behavior. - Drive use case ideation and validation to improve threat detection coverage and accuracy. - Manage and maintain Elastic Stack components (Elasticsearch, Logstash, Kibana, Beats) for operational efficiency. - Lead integration efforts with tools such as EDR, fir