I would start each day by review emails and pertinent client events. If SIEM events or vendor notifications resulting in actions I would document specifics for the monthly and quarterly reports and open tickets for any actions needed by other teams. I would review specific client environments for events, health, and trending; Looking at every aspect of an asset from Hardware, Software, Operations, Availability, Performance and Compliance. All information would be documented in a monthly report. I would attend client meeting giving weekly or monthly reports as to the status of their security systems.