Monitor and analyze logs in Splunk. Triage alerts and resolve incidents. Develop incident response playbooks.
Build detections using Splunk searches and Sigma rules. Simulate red team attacks to study attack vectors and confirm that they generate alerts in Splunk.
Manage Windows Server and Red Hat Enterprise Linux servers. Build a virtual honeypot using vSphere and Windows Active Directory. Ingest logs into Splunk and improve logging coverage and quality.
Perform risk assessments and audit the SOC. Document and report findings to improve the SOC's compliance.
Learn more about web development and design. Contribute to building the SOC website.