SOC Admin L1

Job Description

Primary KRA of the role Monitor SIEM alerts and conduct SOP based triaging Preparation of reports dashboards Work as primary of interface for customer stakeholders Job Description Eye on Glass Monitoring on SIEM console Triaging of alerts based on available SOPs Escalate non-SOP alerts to Security Analysts after initial analysis Create new dashboards and monitoring channels for active monitoring of threats. Periodic reporting and dashboarding as per defined frequency Work with customer CFTs (Nw Security, EP security) for blocking IOCs Monitor SLA and tracking of same to ensure that targets are met and escalating tickets approaching SLA breach levels Follow up, Escalation of tickets. Work on rotational shifts (24 X 7) as per roster which may include public holidays and weekends Coordination and communication during major incident response Mandatory Technology Knowledge Network Security DNS, DHCP, Proxy, routers, switches, LAN and End point security TCP/IP, WANs, LANs, and commonly used Internet protocols such as SMTP, HTTP, FTP, POP, LDAP etc. Prior experience of security incident management and vulnerability management processes Proficiency in MS Excel ( for reporting ) Good communication and written skills LogRhythm(preferred) or any industry leading SIEM Qualification Education Qualification Any Graduation/Intermediate/ Diploma with minimum 60%. 2 to 4 years of experience out of which last 1 years should be in SOC operations as L1 SOC Engineer. LR experience will be preferred Mandatory Experience SIEM alert monitoring and Incident Management Threat Intelligence Brand monitoring, Deep and Dark Web Monitoring Should have actively supported Cyberdrills and regulatory audits