I work withSIEM systems, including Elastic and QRadar.I effectively useSOAR solutions.I process incidents, conduct their detailed analysis and create cover letters for clients with attachments for greater detail.I participate in internal meetings and meetings with clients.I develop incident handling playbooks.I constantly work with information security tools such as AlienVault, VT, Spur, 2ip, IPINFO and others.

• Monitoring and analysis of the organization's cybersecurity
• Responding to security incidents identified during monitoring

Work with SIEM/SOAR systems: Gained experience in working with and maintaining SIEM systems, including Elastic and QRadar. Also usedSOAR solutions to automate processes.Incident Handling: Performed a full cycle of incident handling, including detailed analysis and creation of information letters for clients with attachments for greater detail.Communication: Participated in internal meetings and meetings with customers.Documentation Creation: Developed playbooks (incident handling playbooks) to standardize incident handling processes.IS tools: Constantly worked with information security tools such as AlienVault, VT, Spur, 2ip, IPINFO and others

• Distribution and prioritization of tasks / incidents / problems in the JIRA system;
• Processing of applications for end users (resetting passwords, providing access,consulting);
• Registration of applications for end users;
• Communication with commands L2 and L3;
• Monitoring of IS events and incidents in SIEM or IRP system;
• Monitoring the availability of the necessary information on IS events and incidents and reporting L2 on identified problems;
• Testing and monitoring the availability of event sources;