Security Advisor

Project Role Security Advisor
Project Role Description Provide enterpriselevel advice to make organizations cyber resientAssist in navigating the complex landscape of cyber threats ensuring robust digital asset protection while maintaining trust with stakeholders
Must have skills Security Information and Event Management (SIEM)

Good to have skills Minimum
year(s) of experience is required

Educational Quafication years full time education
SummaryAs a Level SOC Analyst your role involves deeper investigation of security alerts and confirmed incidentsYou will vadate escalated events using Sentinal One and Splunk SIEM enrich them with context and work closely with L analysts to assist in containment and timely remediationYou will also assist in improving detection fidety and supporting SOAR automationThis role requires deep expertise in detection investigation containment and remediation as well as collaboration with multiple teams across security IT and compance
Roles & ResponsibitiesInvestigate alerts escalated by L to determine scope impact and root causePerform indepth endpoint and network triage using Sentinel OneUse Sentinel One to perform endpoint analysis and threat vadationCorrelate multiple log sources in Splunk to trace attacker activityEnrich events with asset identity and threat intelgence contextDocument investigation workflows evidence and final conclusionsSupport L during major incidents by performing log or memory triageSuggest improvements in alert logic & fine tunning.Conduct threat research agned to alert patterns and business contextEnhance alert fidety with threat intel and historical contextDocument investigation findings and communicate with stakeholders Professional & Technical Skills
Alert Triage & MonitoringExperience investigating escalated alerts using SIEM or EDRIncident Response and ContainmentTake necessary actions to contain eradicate and recover from security incidents.Identify opportunities for automation and work with SIEM Platform Support team for implementing it.EDR Deep DiveUsing Real Time Response (RTR) Threat Graph custom IOA rulesProficiency in writing SPL queries dashboards and providing fine tuning opportunitiesThreat HuntingBehaviorbased detection using TTPsGood understanding of malware lateral movement privilege escalation and exfiltration patternsThreat Intel IntegrationAutomation of IOC lookups and enrichment flowsForensic Skills
Live host forensics log correlation malware behavioral analysisGood experience in advanced threat detection and incident responseProficiency in Sentinal One forensic and incident response capabitiesPlaybook Development/UpdationAble to define update and optimize IR playbooks and workflows Forensic analysis (memory file systems logs)Cloud incident handng (AWS Azure)DashboardingAdvanced visuazations and businessfocused metrics in SplunkCertificationsSplunk Certified Admin/ES Admin SC Sentinal One EDR vendor trainingSentinal OneCustom detections forensic triage threat graphsSplunk SIEM (core + ES module)Searching Logs Monitoring and investigating alertsAdditional InformationThe candidate should have minimum + years in SOC/IR .Experience in x environments shiftbased operations or critical infrastructure responseThis position is based at our Hyderabad office.A years full time education is required.Bachelors in IT/Cybersecurity + advanced certifications (CISSP) Splunk Certified Admin/ES admin EDR Certification (ke Sentinal One) etc.