Microsoft Sentinel, reducing alert resolution time by 40%
through effective triage.
• Implemented SPF, DKIM, and DMARC for email domain
protection, reducing phishing risks by 40%.
• Applied Azure Security Center policies and RBAC,
strengthening cloud security posture.
• Extremely knowledgeable of cyber-attack TTPs, IOCs, etc.
• Understanding of MITRE ATT&CK, NIST, and the Cyber Kill Chain
• Monitor security alerts and events from various security tools
(SIEM, IDS/IPS, antivirus, firewalls, phishing tool).
• Perform real-time security event analysis and triage.
• Investigate suspicious activities, anomalies, and security
incidents.
• Escalate critical security incidents to senior analysts or incident
response teams.
• Document all incidents clearly, comprehensively, and concisely
in the ticketing system.
• Aware of regulations issued by the National Cybersecurity Authority
(NCA)