Cyber Security Engineer

Yrs of Experience: +2 yrs

Notice period: Immediate or Max 30 days

Roles & Responsibilities:

SOC - SIEM
• Investigating all incoming incidents, escalating to the responsible team, and ensuring proper tracking until closure.
• Conducting in-depth analysis of the incidents by correlating data from different sources.
• Day-to-day monitoring of SIEM events to achieve 100% daily compliance.
• Recommending/fine-tuning use cases/content for process enhancement.
• Status health check/monitoring of SIEM solution.
• Integrating/parsing new devices in SIEM.
• Weekly call update/sharing MOM.
• Troubleshooting incidents/log source analysis.
• Ensuring all the integrated devices are sending logs without fail.
• Ensuring all rules & reports are working as expected.


Microsoft Azure & Intune
• Onboarding of users.
• Managing O365 User Licensing.
• Create, edit, or delete Azure Active Directory (AAD) user/Device groups.


II. Application Creation and Deployment/Assignment –
• Uploading and configuring LOB applications (Windows, iOS, and Android).
• Uploading and configuring Store applications (Windows, Apple, and Google).
• Deploy LOB applications to a computer/mobile device (iOS, WP, and Android).
• Deploy Store applications to a device (Windows 10, iOS, WP, and Android).
• Deploy LOB/Store applications to a group of users (AAD user groups).
• Monitor application deployment status.


III. Managing Software Updates (iOS, Android & MS Windows)
• Software Update Deployment in the traditional way using Intune client.
• Software Update Scheduling via MDM policies.


V. Mobile Application Management –
• MAM Policy creation, editing, and deletion of Managed Applications.
• Deployment/Assignment of managed application to AAD groups.
• LOB Application Wrapping for iOS and Android managed applications.
• Wrap the LOB apps using iOS SDK.
• Wrap the LOB apps using Android SDK.


VI. Device/Profile Management –
• Create, Maintain, Update, Deploy and Delete policies.
• Configuration policies, Device Restriction, Wi-Fi Profile, Custom Policies, Compliance Policies, iOS Compliance Policies, Android Compliance Policies, Windows Compliance Policies.
• Enroll the mobile devices (iOS, WP, Windows 10, and Android).
• Configuring kiosk mode profile for company-owned devices.
• Retire and Wipe Devices.


Managing Windows Patch Management (Workstations & Servers)
• Managing policies for Windows Drivers, Quality Security & OS Feature Updates.
• Managing deadlines & grace periods for all Cumulative updates.
• Reminding users prior to required auto-restart with permanent reminder.


Working on server’s baseline security.
• Server Security cumulative updates Monitoring.
• Laptop & workstation security updates monitoring.
• Servers’ compliance level management.
• Cybersecurity Screen Saver Management/Suggestions.
• Windows devices Security Gap Identification.
• Reviewing Privileged Access Management.


SOPHOS Email Security Gateway –
• Administering & Monitoring SOPHOS Email Gateway.
• Monitoring on-prem AD data to cloud synchronization on a daily basis.
• Implement email security standards such as DKIM, SPF and DMARC.
• Maintain email security infrastructure, providing stability by developing tools, policies, processes, and procedures for the operations teams.
• Investigate & Troubleshoot root causes when escalated from operations.
• Provide a secure environment, by implementing controls to manage and mitigate risks.
• Investigating suspicious raw email & taking action as required.
• Providing support for the SOPHOS Self access control portal to end users.
• Managing Block or Allow settings to help control unwanted and unsolicited email messages by creating and managing lists of email addresses and domains that we trust and those that we don’t.
