3 Iocs Jobs

Technical Skill Set: Should have a knowledge and understanding of TCP/ UDP. Clean and rigid understanding on what is an AV and whats an EDR solution Understanding of EDR functionalities. This knowledge is required to explore features of a solution and understand technical now how. Understanding on EDR logs and log co-relation. Should be able to understand and retrieve information from packet captures. Should have a sane knowledge of SIEM solution. Knowledge on Log parsing would be an added advantage. Knowledge on Advisories, IOCs, IOAs, Adversories. What are these and how are these to be processed and why Understanding on actions to be done on receiving an advisory. Should keep his/her knowledge updated and should be on the top of current Cyber exploit cases going on, so that actions can be taken proactively to safeguard the environment. Techno-Management Skill set: Should be able to prioritize tasks while processing advisories, incidents, problems and events. How an incident should be tackled, should have a first-hand expertise on deriving a solution and take incident to closure. Prepare dashboard and reports depicting an at-a-glance view of incidents, events, advisories and remedial actions. Work with the 3rdparty solution provider for integration purpose. Prepare documentation related to process and Knowledge base for future easy-reference. Be a bridge between the technical and the management team and make sure updates are regularly submitted to higher management and review to the technical team. Vendor management skills. Any earlier experience in crisis situation handling would be an added advantage.

We are looking for a candidate who could join our Information Technology Team. Technical Skill Set: Should have a knowledge and understanding of TCP/ UDP. Clean and rigid understanding on what is an AV and whats an EDR solution Understanding of EDR functionalities. This knowledge is required to explore features of a solution and understand technical now how. Understanding on EDR logs and log co-relation. Should be able to understand and retrieve information from packet captures. Should have a sane knowledge of SIEM solution. Knowledge on Log parsing would be an added advantage. Knowledge on Advisories, IOCs, IOAs, Adversaries. What are these and how are these to be processed and why Understanding on actions to be done on receiving an advisory. Should keep his/her knowledge updated and should be on the top of current Cyber exploit cases going on, so that actions can be taken proactively to safeguard the environment. Techno-Management Skill set: Should be able to prioritize tasks while processing advisories, incidents, problems and events. How an incident should be tackled, should have a first-hand expertise on deriving a solution and take incident to closure. Prepare dashboard and reports depicting an at-a-glance view of incidents, events, advisories and remedial actions. Work with the 3rdparty solution provider for integration purpose. Prepare documentation related to process and Knowledge base for future easy-reference. Be a bridge between the technical and the management team and make sure updates are regularly submitted to higher management and review to the technical team. Vendor management skills. Any earlier experience in crisis situation handling would be an added advantage.

As an L1 SOC Analyst, you will be responsible for monitoring alerts and triaging basic security events from SIEM, EDR, and NDR platforms. Your role includes identifying suspicious activities, escalating incidents as per defined SOPs, and supporting the security operations team in daily monitoring tasks. Key Responsibilities: Monitor alerts from SIEM (QRadar, Microsoft Sentinel), EDR (Microsoft Defender for Endpoint), and NDR (LinkShadow/Darktrace) platforms Triage basic security events and validate incidents using established playbooks Escalate potential threats to L2 analysts based on severity and context Review and respond to AV/EDR alerts and execute predefined security queries Log incidents, document actions, and maintain ticketing system with accurate updates Enrich alerts with known threat intelligence and IOCs (IP, domain, file hashes) Support incident response efforts for phishing, malware, brute-force attacks, etc. Collaborate with team members and shift leads to ensure 24x7 monitoring coverage Tool Experience (Preferred): SIEM Tools: Basic use of QRadar and Microsoft Sentinel EDR/XDR: Microsoft Defender for Endpoint, Antivirus consoles NDR: LinkShadow or Darktrace (basic familiarity) Other Tools: Microsoft Exchange Online Protection (EOP), Azure AD Sign-In Logs (optional) Certifications (Preferred): CompTIA Security+ Microsoft SC-900 Shift Readiness: This role requires flexibility to work in 24x7 rotational shifts , including nights, weekends, and holidays. Required Skills: Understanding of basic cybersecurity concepts Familiarity with security alert triage and incident logging Basic knowledge of Indicators of Compromise (IOCs) Fast learner with strong attention to detail Effective communicator and team player