As part of the CSIRT team (Cybersecurity Incident Response Team), my usual responsibilities are the following:
- Handle the entire incident cycle: Preparation, Detection, Analysis, Containment, Eradication, and Recovery. This is accomplished using various security tools, including log analysis via Elasticsearch, endpoint event analysis through Crowdstrike or MS Intune, and real-time response to events linked to the initial incident.
- Review reported cases through phishing mechanisms and analyze IoCs found within reported emails. Execute actions for IoCs identified as malicious.
- Document investigation processes and improve current security controls.
- Review proprietary tools' code to maintain security and sanitization.
- Analyze forensic artifacts during containment to build incident timelines.
- Exchange information with vendors regarding detected intelligence feeds that might have negative impacts.
- Incident analysis and management in the XSOAR platform.
- Responding to requirements and alerts in the ticketing service (Jira).
- Active threat hunting and management on EDR platforms (MS Defender, Crowdstrike, Carbon Black).
- Active search for possible anomalies or security risks to comply with customer guidelines.
- Active threat hunting or possible modification of use cases on SIEM platforms (Splunk, QRadar, Azure Sentinel).
- Handling and response to incidents through ticketing services.
- Triage and management of alerts with varying severity levels.
- Active search for potential risks, vulnerabilities, or anomalies in SIEM platforms (McAfee Nitro, Splunk).
- Designing use cases for new security requirements and adjusting threat scope for new clients.
- Proactive hunting tasks to provide feedback on possible active risk campaigns on client platforms.
Responsible for implementation, administration and continuity processes at the Networking Department.
• Administration and monitoring of Cisco equipment through PRTG/LogicMonitor.
• Ticket handling and support for Cisco products (Security, Wireless, Enterprise).
• Management and configuration of VPNs on ASA/Firepower Firewalls.
• Implementation and design of new networking projects.
- Scanning and setup of Virtual Machines focused on Pentesting.
- Multiple security mechanism integrity tests using various tools, including nmap, nikto, Wireshark, Nessus, and Metasploit.
- Privilege escalation across different operating systems (Windows and Linux distributions) for vulnerability detection.