Security Operations Center Analyst

Title: SOC Lead Engineer

Experience: 1-4 yrs

Location: Delhi

SOC Lead Engineer

Responsibilities

• Lead the implementation, configuration, and maintenance of SOC solutions, including SIEM, HIPS/NIPS, Network Monitoring tools, and other advanced security technologies.
• Demonstrate expertise in Incident Management and Response.
• Possess strong, in-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, threat hunting, threat intelligence, advanced threat detection and analysis, forensic analysis, network security, endpoint security, cloud security, risk management, and incident management.
• Apply strong hands-on experience in security device management, security monitoring setup, and integration of security tools.
• Develop and refine incident response playbooks, integrating them with SOC processes and ensuring they reflect the latest threat intelligence.
• Lead the implementation and optimization of threat detection systems, including UBEA, AV, web security, and cloud security monitoring.
• Develop automated workflows and integrations to streamline SOC processes and improve incident response times.
• Collaborate effectively with internal SOC teams and external stakeholders to enhance security measures.
• Present regular metrics and reports on daily incidents and emerging security issues.
• Possess proficiency in developing and using incident response playbooks.
• Coordinate and lead incident response efforts during security incidents.
• Use strong written and verbal communication skills to create incident reports and communicate effectively with both technical and non-technical stakeholders.
• Lead and guide junior analysts during incident response and daily operations, and be willing to mentor less experienced team members.
• Maintain a proactive attitude toward staying updated on the latest cybersecurity threats, vulnerabilities, and industry best practices.
• Understand legal and regulatory requirements related to data protection and cybersecurity.
• Use strong analytical and problem-solving skills to identify and address complex security incidents.
• Demonstrate knowledge of various security devices and their management.
• Possess experience in setting up SOC processes.
• Show knowledge of various tools like SIEM, SSL, Packet Analysis, HIPS/NIPS, Network Monitoring tools, Remedy, Service Now Ticketing Toolset, Web Security, AV, UBEA, and Advanced SOC.

Required Qualifications

• BE/B.Tech/M.Tech/MSc/MCA in CS/IS/E&C or equivalent qualification.
• Minimum of 5 years of experience in Cyber security, SOC, or a relevant discipline.
• Experience in both open-source and commercial tools.
• At least one of the following certifications: GCFA / GCFI / CISP / CISSP / CCNP.

Desirable Skills

• Ability to analyze and respond to previously undisclosed software and hardware vulnerabilities.
• Knowledge of various operating system flavors, including Windows, Linux, and Unix.
• Proficiency in scripting languages (e.g., Python, PowerShell) for automation and analysis tasks.
• Knowledge of TCP/IP Protocols, network analysis, and network/security applications and devices.
• Knowledge of common Internet protocols and applications.