Security Analyst L2

Codigo Technologies

4 - 7 years

6 - 9 Lacs

Mumbai

Posted:1 month ago| Platform:

Apply

Skills Required

Change management Information security SOC SIEM Incident management splunk CCNA IPS Monitoring Firewall

Work Mode

Work from Office

Job Type

Full Time

Job Description

SOC Analyst

Level 2

Location: Mumbai

Around 4+ years working experience in Global SOC
Must have experience in any SIEM Management tool Splunk, QRADAR, HP Arc sight,
Triage Specialist - Separating the wheat from the chaff.
Deep investigations/CSIRT, Mitigation/recommends changes, More advanced SME in cybersecurity, Experienced security analyst, understands more advanced features of security tools, thorough understanding of networking and platform architecture (routers, switches, firewalls, security), Ability to dig through and understand various logs (Network, firewall, proxy, app, etc..)
Good to have either of certifications like, ITIL, CCNA, CEH, etc.
Process and Procedure adherence.
Tier 2 Security Analyst addresses real security incidents.
Evaluates incidents identified by tier 1 analysts.
Responsible for conducting information security investigations as a result of security incidents identified by the Level 1 security analyst who are monitoring the security consoles from various SOC entry channels (SIEM, Tickets, Email and Phone)
Uses threat intelligence such as updated rules and Indicators of Compromise (IOCs) to pinpoint affected systems and the extent of the attack.
Analyzes running processes and configs on affected systems.
Carries out in-depth threat intelligence analysis to find the perpetrator, the type of attack, and the data or systems impacted. Creates and implements a strategy for containment and recovery.
Act as a point of escalation for Level-1 SOC security analysts in support of information security investigations to provide guidance and oversight on incident resolution and containment techniques.
Should have experience in Developing new correlation rules & Parser writing
Experience in Log source integration
Act as the lead coordinator to individual information security incidents.
Document incidents from initial detection through final resolution.
Participate in security incident management and vulnerability management processes.
Coordinate with IT teams on escalations, tracking, performance issues, and outages.
Communicate effectively with customers, teammates, and management.
Prepare Monthly Executive Summary Reports for managed clients and continuously improve their content and presentation.
Provide recommendations in tuning and optimization of security systems, SOC security process, procedures and policies.
Define, create and maintain SIEM correlation rules, customer build documents, security process and procedures.
Follow ITIL practices regarding incident, problem and change management.
Staying up to date with emerging security threats including applicable regulatory security requirements.
Maintain an inventory of the procedures used by the SOC and regularly evaluate the SOC procedures and add, remove, and update the procedures as appropriate
Publish weekly reports to applicable teams.
Generate monthly reports on SOC activity.
Should be skilled on Deception Technology, EPP, EDR, IPS/IDS desirable.

Please share your CV to [email protected]

Regards,

Annapurna

Manager TA

More Jobs at Codigo Technologies

Sr. Engineer - Vulnerability Management/Patching Linux

Hyderabad

1 - 3 yrs

INR 5 - 9 Lacs

Accounts Receivable Bangalore Location

Bengaluru

3.0 - 8.0 yrs

INR 5 - 9 Lacs

Strategic Account Manager

Mumbai

4.0 - 8.0 yrs

INR 12 - 16 Lacs

Strategic Account Manager - Cybersecurity Sales

Mumbai

5.0 - 10.0 yrs

INR 14 - 19 Lacs

Strategic Account Manager - Cisco Sales

Hyderabad

8.0 - 13.0 yrs

INR 25 - 30 Lacs

Mock Interview

Practice Video Interview with JobPe AI

Start Job-Specific Interview

Start Your Job Search Today

Browse through a variety of job opportunities tailored to your skills and preferences. Filter by location, experience, salary, and more to find your perfect fit.