Security Operations Center Analyst

About Client:

Our Client is a global IT services company headquartered in Southborough, Massachusetts, USA. Founded in 1996, with a revenue of $1.8B, with 35,000+ associates worldwide, specializes in digital engineering, and IT services company helping clients modernize their technology infrastructure, adopt cloud and AI solutions, and accelerate innovation. It partners with major firms in banking, healthcare, telecom, and media.

Our Client is known for combining deep industry expertise with agile development practices, enabling scalable and cost-effective digital transformation. The company operates in over 50 locations across more than 25 countries, has delivery centers in Asia, Europe, and North America and is backed by Baring Private Equity Asia.

Hi....!

We are hiring for below Positions

Job Title: Google Chronicle SIEM

Key Skills:

Job Locations:

Experience:

Budget:

Education Qualification

Work Mode:

Employment Type:

Notice Period:

Interview Mode:

Google Chronicle SIEM

• Hands on Experience to configure, manage, and maintain the Google Chronicle SIEM platform including use case creation in YARA L 2.0, fine tuning, reference list, writing YARA L 2.0 queries, threat hunting.
• Monitor, analyze, investigate and respond to security incidents in Google Chronicle by collaborating with the SOC team and Customers.
• Should be able to Integrate/onboard devices (Linux, Palo Alto, Fortinet, windows and other devices etc.) to Chronicle.
• Custom parser development and ability to solve technical issues in Chronicle.
• Troubleshoot and resolve issues related to SIEM (Chronicle) infrastructure and integrations like logs not reporting to Chronicle.
• Creation of integration documents and sending them to customers as per requirement.
• Strong Knowledge of different SIEM and EDR products.
• Generate and review Weekly/Monthly reports to provide insights on security posture and SIEM effectiveness to Customers
• Regularly review use case performance and keep track of any fine tuning done to use cases including identifying scenarios where fine tuning can be done and effectively communicate to customer/internal for fine tuning.
• Act as single point of contact for the client during any issues of Integrations, use cases or Incidents.
• Develop SOC playbooks.
• Regular reporting on SOC activities and performance
• Provide SLA Analytics, Metrics, and Dashboards.
• Provide recommendation to client’s security team to optimize security controls.
• Work with SOC manager for creating new operational guidelines, processes and procedures.
• Managing shifts / team in the 24X7 SOC Environment.
• Act as first point of escalation for SOC team, and assist with handing out work assignments to the team members.
• Handling escalated security incidents/ issues. Responsible for deep dive analysis of escalated incidents, threat hunting & Malware analysis.
• Identify opportunities for continuous improvement in security operations
• Serve as primary operational contact with Client and Management in the absence of the manager.
• Ensure service level agreement are met and processes are followed.
• Guide and mentor L1 and L2. Lead analysts with investigation and mitigation of security threats and incidents.
• Develop and mentor staff by providing opportunity of growth through delegation, training and assignment of various projects.
• Strong team player and ability to work in a challenging and constantly changing environment. Strong customer service focus with an understanding of client expectations.
• Knowledge of current and emerging technologies and processes used within a SOC to improve efficiency and effectiveness.
• Strong communication, writing and interpersonal skills. Strong leadership skills with the ability with the ability to prioritize and execute in a methodical and disciplined manner, as well as to set and manage expectations with stakeholders and team members.

sushma.n@people-prime.com