Security Operations Center Analyst

About Client

Our client is a market-leading company with over 30 years of experience in the industry. As one of the world’s leading professional services firms, with $19.7B, with 333,640 associates worldwide, helping their clients modernize technology, reimagine processes, and transform experiences, enabling them to remain competitive in our fast-paced world.

Their Specialties in Intelligent Process Automation, Digital Engineering, Industry & Platform Solutions, Internet of Things, Artificial Intelligence, Cloud, Data, Healthcare, Banking, Finance, Fintech, Manufacturing, Retail, Technology, and Salesforce

Hi....!

We are hiring for below Positions

Job Title:

Key Skills:

Job Locations: Pan India

Experience:6

Budget:

Education Qualification

Work Mode:

Employment Type:

Notice Period:

Overall 6 to 8 years of experience in SIEM/SOC at L2/L3 level with primary skill of Google Chronicle SIEM.

• Hands on Experience to configure, manage, and maintain the Google Chronicle SIEM platform including use case creation in YARA L 2.0, fine tuning, reference list, writing YARA L 2.0 queries, threat hunting.
• Monitor, analyze, investigate and respond to security incidents in Google Chronicle by collaborating with the SOC team and Customers.
• Should be able to Integrate/onboard devices (Linux, Palo Alto, Fortinet, windows and other devices etc.) to Chronicle.
• Custom parser development and ability to solve technical issues in Chronicle.
• Troubleshoot and resolve issues related to SIEM (Chronicle) infrastructure and integrations like logs not reporting to Chronicle.
• Creation of integration documents and sending them to customers as per requirement.
• Strong Knowledge of different SIEM and EDR products.
• Generate and review Weekly/Monthly reports to provide insights on security posture and SIEM effectiveness to Customers
• Regularly review use case performance and keep track of any fine tuning done to use cases including identifying scenarios where fine tuning can be done and effectively communicate to customer/internal for fine tuning.
• Act as single point of contact for the client during any issues of Integrations, use cases or Incidents.
• Develop SOC playbooks.
• Regular reporting on SOC activities and performance
• Provide SLA Analytics, Metrics, and Dashboards.
• Provide recommendation to client’s security team to optimize security controls.
• Work with SOC manager for creating new operational guidelines, processes and procedures.
• Managing shifts / team in the 24X7 SOC Environment.
• Act as first point of escalation for SOC team, and assist with handing out work assignments to the team members.
• Handling escalated security incidents/ issues. Responsible for deep dive analysis of escalated incidents, threat hunting & Malware analysis.
• Identify opportunities for continuous improvement in security operations
• Serve as primary operational contact with Client and Management in the absence of the manager.
• Ensure service level agreement are met and processes are followed.
• Guide and mentor L1 and L2. Lead analysts with investigation and mitigation of security threats and incidents.
• Develop and mentor staff by providing opportunity of growth through delegation, training and assignment of various projects.
• Strong team player and ability to work in a challenging and constantly changing environment. Strong customer service focus with an understanding of client expectations.
• Knowledge of current and emerging technologies and processes used within a SOC to improve efficiency and effectiveness.
• Strong communication, writing and interpersonal skills. Strong leadership skills with the ability with the ability to prioritize and execute in a methodical and disciplined manner, as well as to set and manage expectations with stakeholders and team members.

hajeera.s@people-prime.com