
Charter Technology Solutions
Remote Jobs
CTS regards seamless performance as always mission-critical.
2 Jobs
SOC Engineer, Level 2
• Advanced Threat Detection and Response: Monitor and analyze security alerts and incidents, conduct in-depth investigations, and respond to complex security threats, ensuring they are mitigated effectively.
• Incident Management: Take the lead in managing security incidents, coordinating with other IT and security teams to contain, eradicate, and recover from security breaches.
• Forensic Analysis: Perform detailed forensic analysis on compromised systems to identify root causes, attack vectors, and indicators of compromise (IOCs).
• Vulnerability Management: Assist in the identification, assessment, and remediation of vulnerabilities within the organization’s infrastructure.
• Security Tool Management: Maintain and optimize security tools and technologies, including SIEM, IDS/IPS, firewalls, and endpoint protection systems.
• Collaboration: Work closely with Level 1 SOC Engineers, providing guidance, mentorship, and training to help them improve their skills and effectiveness in responding to security incidents.
• Documentation: Create and maintain detailed documentation of security incidents, forensic analysis, and response actions, ensuring compliance with organizational policies and industry standards.
• Reporting: Generate and analyze security reports, providing insights and recommendations to improve the organization’s security posture.
• Continuous Improvement: Stay updated on the latest cybersecurity threats, vulnerabilities, and best practices, and contribute to the ongoing improvement of SOC processes and technologies.
• On-Call Support: Participate in a rotating on-call schedule to provide after-hours support for critical security incidents.
Afterhours Engineer – NOC/SOC/Support
• Service Delivery: Respond to and resolve service incidents following existing procedures and Service Level Agreements (SLAs). Track time, communications, and work output via ConnectWise Manage PSA.
• Network Operations (NOC) Monitoring & Remediation: Remediate alerts from monitoring tools generated from firewalls, switches, access points, physical and virtual workstations, servers, and storage devices. Configure monitoring of client infrastructure using PRTG, Kaseya VSA, and ConnectWise Manage.
• Security & Incident Response (SOC): Act as the first line of defense for security alerts. Triage potential threats (e.g., suspicious logins, EDR alerts, phishing reports) using established Incident Response playbooks. Isolate infected endpoints to prevent lateral movement and document forensic details.
• VIP & Helpdesk Support: Provide primary "white-glove" remote support for VIP clients (CEOs/Executives) experiencing after-hours technical issues. Address all phone calls and urgent tickets outside of regular business hours with a focus on rapid resolution.
• Cloud Administration: Administer and troubleshoot Microsoft 365 (Exchange, Teams, SharePoint) and Google Workspace environments to resolve urgent user access or configuration issues.
• Maintenance & Automation: Administer and perform the work for monthly, quarterly, bi-annual, and yearly maintenance plans. Assist higher-level Engineers to automate recurring requests using Ninja RMM, ConnectWise Manage, PRTG, and PowerShell.
• Backup Management: Monitor and remediate all CTS-provided client backup solutions: Acronis On-Prem, Acronis Cloud, and AFI.
• Documentation: Create and maintain information and documentation in ConnectWise Manage and ITGlue to ensure a smooth handoff to the daytime engineering team.