MB Flashcards
(2 cards)
- Assisted in ingesting new log sources into the security monitoring platform, working with security teams to normalize and validate incoming data for use in correlation rules and dashboards.
I worked closely with the security team to onboard new log sources into our SIEM system.
My role involved ingesting firewall logs and then working on integrating them into our dashboard.
The first step was usually reviewing the log format and transport method. From there, I helped configure parsing rules and normalized the data into a consistent schema so that it could be used effectively in correlation rules and dashboards.
- Acted as the first point of contact for users seeking technical assistance, resolving issues related to Active Directory, Microsoft Outlook, workstations, and other IT assets.
In one of my roles, I was the first point of contact for users who needed technical support. A big part of that work involved troubleshooting problems related to Active Directory—like account lockouts, password resets, and permission issues for shared folders or resources.
I also supported Microsoft Outlook quite a bit—resolving things like calendar syncing issues. In many cases, I’d walk users through fixes remotely, and when needed, escalate persistent issues to the next tier with detailed documentation.