- Monitor and analyze security alerts and logs using Wazuh SIEM and related tools.
- Develop and maintain custom Wazuh rules, decoders, and integrations.
- Write Python scripts to automate log collection, enrichment, and correlation.
- Investigate incidents, escalate as needed, and recommend mitigation steps.
- Integrate SIEM data with AWS services (CloudTrail, GuardDuty, Security Hub, S3, Lambda).
- Optimize event processing and storage for cost-effective scaling.
- Assist in deploying and tuning security controls within AWS accounts.
- Support compliance requirements (e.g., ISO 27001, NIST, UAE standards) by producing reports and dashboards.
- Collaborate with SOC engineers, security architects, and developers to improve detection use cases.
- Document processes, playbooks, and incident-handling procedures.