Location
Bangalore | India
Job description
SOC Analyst - 1:
POSITION SUMMARY:
The Level One SOC Monitoring Analyst will fit into a global team providing 24/7 monitoring and first-line response for incidents. As an L1 Engineer, you are expected to conduct investigations, monitor for alerts, triage and mitigate detected threats and issues, and start and track security investigations through to resolution.
POSITION RESPONSIBILITIES:
- Investigation, triage, and mitigation of detected security events
- Start and track security investigations for resolution
- Provide threat and vulnerability analysis as well as security advisories
- Demonstrate in-depth technical knowledge of the infrastructure involved in security incidents, with hands-on experience investigating, mitigating and remediating them.
- Serve as a Threat/Security Incident Analyst to identify emerging threats, including insider threats
- Understand and leverage the capabilities of the various products across the full scope of incident response.
- Demonstrate the capability to monitor and report incidents independently from SIEM, SOC, SOAR and UEBA platforms.
- Responsible for on time delivery and quality of all in scope deliverables.
- Perform security monitoring, event analysis and incident response activities across [24]7 global networks
- Conduct host-based forensics analysis
- Prioritize multiple high-priority tasks and formulate responses/recommendations
- Support and act as first line of defense for detections and incident response
- Documentation of case investigations
- Provide recommendations to enhance monitoring and detection capabilities
- Conduct analysis for spam, phishing, BEC and other email related attacks
- Continuous monitoring of different security detection tools such as SIEM, Firewalls, IPS, EDR, Email Filtering and other technologies
Educational Requirements:
- Bachelor's degree in Computer Science / Information Security
- Desired Certifications:
- Cisco CCNA Security or Cyber Ops
- EC Council (CEH or Incident Handler)
- GIAC related certifications
- Cloud Security
Work timing: Should be willing to work in rotational shift and rotational week off.
Work Location: Bangalore (Hybrid model)
Reports to: SOC Lead
Required Skills and Abilities:
- 2 to 4 years of previous working experience in a SOC or in cyber security
- Knowledge of various operating systems
- Proficient in preparation of reports, dashboards and documentation
- Strong verbal and written communication, facilitation and interpersonal skills
- Required Experience in administrating or monitoring detection/security tools:
- SIEM
- EDR
- Endpoint Protection
- IPS/IDS
- DLP
- Cloud Security (GCP, AWS, Azure)
- Identity and Access Management
- Firewalls and Networking
- Good understanding of security and incident response activities
- Core understanding of possible attack activities such as network probing/scanning, DDoS, etc.
- Good understanding of vulnerability assessment tools
- Good networking understanding
- English proficiency (written and oral)
- Ability to complete tasks and deliver on time, and good interaction with other teams
- Self-motivated, curious, and knowledgeable about current information security trends and news.
- Experience in host-based forensics tools
- Desired hands-on experience on:
- Sumo Logic - SIEM
- Cisco (Palo Alto IPS etc.) - Security
- Tanium - Patch management / Vulnerability
- CrowdStrike, SentinelOne or any other EDR - Endpoint detection and remediation / response
- Palo Alto
- Cloud Computing such as AWS, GCP or Azure
- Proofpoint - Email gateway
- Trend Micro Antivirus
Does your profile match the above job description, and does it look exciting? Then look no further and share your resume to