Job Description

ROLES & RESPONSIBILITIES Maintains the documentation repository and keep updating the process & procedure documents Develops relationships within immediate team Monitors and triages suspicious/malicious activity for all endpoints in EDR/XDR solutions and SIEM solutions majorly focus on low and medium severity incidents Escalates true positives to the GSOC Lead/clients directly by following the escalation process Maintains documentation for all GSOC procedures related to S1 deployment, support, and troubleshooting Documents indicators of compromise for confirmed malicious activity and ensuring delivery to the intel team as art of monitoring Generates and sends the weekly/monthly GSOC metrics reports Follows established procedures and methods to solve problems Provides first level of response to the service tickets raised by the clients in the shift. Performs other duties as assigned by management SKILLS AND KNOWLEDGE Intermediate understanding of Windows and Unix Intervals Novice understanding of Information security Basic analysis techniques for reviewing large datasets Novice understanding of TCP/IP and OSI Model Basic understanding of the Incident Response Life Cycle (Preparation, Identification, Containment, Eradication, Recovery, Lesson Learned) Novice understanding of the MITRE ATT&CK framework Ability to communicate in technical and non-technical terms, both oral and written JOB REQUIREMENTS Associates degree and 2-4 years related experience or Bachelors Degree and 0-1 years related experience Basic security Certifications e.g. CEH, ITIL.