Job
Description
Position Summary: This position will support Mphasis Cyber Defense Center/SOC. It requires to continuously monitor cyber security events, perform triages and provide response/remediation activities. Responsibilities:  Continuously monitor security alerts generated by SIEM and other security tools.  Perform initial triage to distinguish genuine security incidents from false positives and promptly escalate complex or confirmed threats to senior analysts or incident response teams.  Conduct in-depth analysis of potential security incidents by gathering and correlating data from various sources.  Identify indicators of compromise to determine the scope, impact, and root cause of incidents.  Develop and execute effective containment and remediation strategies in close coordination with incident response teams.  Engage in proactive threat hunting to uncover stealthy or sophisticated attacks that bypass standard monitoring mechanisms.  Maintain accurate and detailed incident logs and reports that capture the analysis, response actions, and lessons learned.  Communicate technical findings clearly to both technical and non-technical stakeholders.  Collaborate with fellow SOC analysts, incident responders, and IT teams to optimize detection rules and continuously improve the organization’s security posture.  Evaluate and implement new security technologies while contributing to the development of SOC playbooks, standard operating procedures, and best practices.  Continuously learn and keep abreast on latest trends in attack patterns and tools Desired Skills/Experience:  3-6 years of overall experience in area of Systems/Network/Information Security and minimum 2 years in SOC/MSS services  Experience SIEM Monitoring solutions [Qradar, ArcSight, Splunk, etc.,] and a variety of other security devices found in a SOC environment  Good understanding in Log formats of various security devices like Proxy, Firewall, IDS/IPS DNS,  Solid foundational understanding of networking concepts (TCP/IP, LAN/WAN, Internet, network topologies)  Experience in major operating systems (Windows, Linux)  Understanding of current trends in attacker and threat actor tools, techniques, and procedures (TTP) and mitigation steps  Strong analytical and problem-solving skills  Excellent communication and interpersonal skills  Professional/Technical Certifications (Security+, CCSE, CCSP, TICSA, MCSE, CISSP, etc.) desirable Show more Show less
