• Investigate advanced and persistent attacks using data analysis and data science tools • Analyze customers' web traffic to detect unidentified threats and reduce false positives using Elasticsearch and BigQuery • Research, design, and continuously enhance detection mechanisms to stay ahead of evolving threats • Provide real-time technical support to global customers, delivering professional and timely incident responses • Produce clear, insightful incident reports • Collaborate cross-functionally with R&D and Research teams to optimize the company's detection and mitigation capabilities • Design, plan, and implement internal automation projects to improve team efficiency • Work in a shift-based schedule, including weekends

• Participate in day-to-day execution and continuous improvement of Epic application access provisioning and deprovisioning • Own and execute work in a ServiceNow queue, consistently handling high-volume tickets for access changes, troubleshooting, and triage • Serve as an escalation point for assigned Epic access design/build and access issues • Assist in maintaining an Epic access catalog and keep it current as workflows evolve • Support access reviews/attestations for high-risk roles and privileged access • Help shape the application authorization layer that makes IGA automation successful

• Executes analyses using forensics technologies to collect computer evidence. • Presents investigation results and provides evidence for legal proceedings. • Manages the investigation processes, including the analysis, documentation, and evidence handling for legal proceedings. • Confirms policies, procedures, and processes related to forensic functions are updated.

• Monitor logs, alerts, and telemetry to detect abnormal behavior and potential threats across infrastructure, applications, and cloud environments. • Perform in-depth security analysis and investigations to assess risk, determine impact, and identify root causes of security events. • Coordinate and execute incident response efforts, including containment, mitigation, recovery, and post-incident reviews. • Own and drive the vulnerability management program by identifying, prioritizing, and tracking remediation of security vulnerabilities across systems and teams. • Maintain accurate and comprehensive documentation of investigations, incidents, procedures, and findings to support transparency and operational excellence. • Contribute to company-wide security awareness by developing and delivering training, guidance, and best practices to stakeholders across the organization.