
Security Operations Center Analyst -L2/L3


Incedo Inc.


Location

Gurgaon | India


Job description

SOC L2/L3 support and Threat Hunting. Gurgaon location. Mandatory skill: QRadar / Sentinel. Timings: 24/7 shift. Immediate joiners only.

Share your resume :- [email protected]

Profile Name: SOC L2/L3 - Incident Management / Hunter / Threat Hunter / Threat Analyst / Threat Researcher

Responsibilities:

- Threat Hunting: Proactively search for potential security threats and anomalies within the organization's network and systems using various data sources, including QRadar / Sentinel.
- Event Analysis: Perform in-depth analysis of security events and incidents to determine their nature, impact, and potential risks. Understand source and destination IP addresses, protocols, payloads, and attack patterns.
- Triage and Investigation: Conduct thorough investigations to distinguish true positives from false positives, prioritize incidents, and recommend appropriate actions.
- Custom Rule Creation: Create and customize rules within QRadar to improve the accuracy of threat detection and reduce false positives. This may involve writing custom correlation rules or adjusting existing ones.
- Security Tool Expertise: Familiarity with other security tools and technologies, in addition to QRadar, such as SIEM solutions, EDR (Endpoint Detection and Response) tools, and network security devices.
- Threat Intelligence: Utilize threat intelligence feeds and sources to stay informed about emerging threats and vulnerabilities.
- Documentation and Reporting: Maintain detailed records of investigations, findings, and actions taken. Generate reports for management and compliance purposes.
- Collaboration: Work closely with L2 and L3 analysts to provide guidance and mentorship, helping them improve their analysis skills.

Qualifications:

- Bachelor's degree in a related field (e.g., Cybersecurity, Information Technology).
- Relevant industry certifications, such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or Certified Information Security Manager (CISM), are a plus.
- Previous experience in a SOC environment, preferably in a threat hunting or incident response role.
- Proficiency in IBM QRadar and other security tools.
- Strong analytical and problem-solving skills.
- Excellent communication and teamwork skills.
- Knowledge of cybersecurity best practices and emerging threats.
- Scripting and programming skills may be advantageous for custom rule creation and automation.

When you share this job description with recruitment, they should be able to use these details to find candidates with the specific skills and experience you need to enhance your SOC team's capabilities. Be sure to also specify any additional qualifications or requirements unique to your organization's environment and industry.

