
10 SOC Analysis Jobs

JobPe aggregates results for easy application access, but you actually apply on the job portal directly.

3.0 - 8.0 years

5 - 9 Lacs

bengaluru, karnataka, india

On-site

Role Overview As a SOC Analyst supporting one of our client engagements, you will be responsible for monitoring, analysing, and resolving security-related tickets as part of a dedicated 16x5 Security Operations Centre. This role is critical to ensuring timely triage and resolution of incidents, maintaining compliance with our client's security standards, and supporting continuous improvement of detection and response capabilities. Key Responsibilities Ticket Analysis & Resolution: Review, investigate, and resolve security tickets raised through our client's monitoring systems and service desk workflows. Alert Triage: Prioritise and categorise alerts based on severity, impact, and relevance to our client's threat landscape. Incident Documentation: Maintain accurate and detailed records of investigations, actions taken, and resolution outcomes in our client's ticketing system. Collaboration: Work closely with our client's internal teams, including infrastructure, application, and compliance teams, to ensure coordinated incident handling. Playbook Execution: Follow and refine client-specific response playbooks and standard operating procedures (SOPs). Shift Handover: Ensure clear and complete handover documentation between shifts to maintain continuity of operations. Required Skills & Qualifications 1-3 years of experience in a SOC or cybersecurity operations role. Familiarity with SIEM platforms (e.g., Microsoft Sentinel, LogRhythm), ticketing systems (e.g., ServiceNow, Xurrent), and endpoint protection tools (e.g., Microsoft Defender, SentinelOne). Experience supporting and resolving common SOC playbook scenarios (e.g., phishing emails, Windows/Linux malware, Microsoft 365/Entra ID account compromise). Strong analytical skills and attention to detail in reviewing logs, alerts, and incident data. Understanding of cybersecurity frameworks such as MITRE ATT&CK and NIST. 
Excellent written and verbal communication skills for documenting incidents and collaborating with stakeholders. Bachelor's degree in Computer Science, Information Security, or a related field. Preferred Certifications CompTIA Security+, CEH, or Microsoft SC-200. ITIL Foundation (for understanding ticketing and service workflows). Working Hours Rotational shifts within a 16x5 schedule (Monday to Friday). After-hours and weekend on-call rotation. Flexibility to support critical incidents outside standard hours when required.

Posted 4 days ago


4.0 - 8.0 years

4 - 8 Lacs

gurgaon, haryana, india

On-site

What will your essential responsibilities include Act as an escalation point for Level 1 analysts and contribute to the Level 1 capability. Deep dive analysis of escalated alerts to understand impact and prioritize tickets. Provide additional context on the threats. Forensics Investigations. Monitor and support Incident remediation. Root cause analysis. Produce high quality reports and accurate reports for a wide range of stakeholders. Provide technical guidance to Level 1 analysts on complex security issues. Mentor and support L1 analysts with alert analysis. Troubleshoot SIEM issues. Continuous reporting and improvements. Maintain and improve SOPs and Processes. Contribute to the enhancement of threat detection and response capabilities. Participate in incident response exercises and RED/BLUE/Purple team activities. You will report to the SOC head. We're looking for someone who has these abilities and skills: Required Skills and Abilities: Relevant years of proven experience working in a Security Operation Centre with a focus on incident detection, analysis, and response. Outstanding understanding of cyber security principles, threat intelligence and attack vectors. Working knowledge of Azure Sentinel, Microsoft Defender, ADX or other similar security tooling. Excellent Cloud Security and Cloud incident handling skills, knowledge, and experience. Experience handling digital forensic evidence and writing reports to support investigations. Good understanding of attacker tactics, techniques, and procedures (TTP). Desired Skills and Abilities: Excellent English verbal and written communication skills with the ability to articulate complex ideas in simple language. Willing to make important decisions self-directedly and multi-task under pressure. Ability to collaborate with high performing agile teams and throughout the organization to accomplish goals. Certifications such as CISSP, GIAC, CEH or other. 
Have an inquisitive nature and enjoy security technology research and the desire to upskill and advance your security skill sets.

Posted 5 days ago


6.0 - 8.0 years

5 - 15 Lacs

hyderabad, pune

Hybrid

Job description Key Responsibilities: Conduct email analysis and reverse engineer to identify and mitigate threats. Perform static and dynamic analysis of PE and non-PE files. Analyze network traffic and develop heuristic signatures to detect malicious activities. Investigate security incidents, including data breaches, system intrusions, and policy violations. Collaborate with cross-functional teams to improve detection capabilities and response strategies. Develop and implement incident response plans and coordinate incident investigations. Provide continuous monitoring and analysis of network traffic and security events. Conduct research on advanced persistent threats (APTs) and develop protection solutions. Maintain and update real-time block lists and URL block lists. Write and review regular expressions for spam and fraud detection. Perform URL and email grading to assess and categorize potential threats. Engage in security response activities to address and resolve security incidents. Participate in endpoint detection and response (EDR) efforts to identify and mitigate threats. Conduct threat hunting to proactively identify and address potential security risks. Basic Qualifications: Bachelor's or Master's degree in Computer Science, Computer Engineering, Information Security, or a related field. Strong understanding of computer security, network architecture, and threat landscape. Familiarity with operating systems internals (Windows, MacOS, Linux, Android, iOS). Strong knowledge of networking concepts and OSI layers. Understanding of enterprise IT architecture, operating systems, and file systems. Excellent analytical skills and ability to identify patterns and trends. Strong research skills and ability to analyze and present complex data. Good logical reasoning and deep analytical skills. Good communication skills and attention to detail. Ability to perform well under stress, particularly in critical response situations. 
Basic qualities of a researcher, including curiosity, persistence, and attention to detail. Technical Skills Threat Analysis and Incident Response: Ability to analyze email threats, identify indicators of compromise (IOCs), and respond to incidents promptly. Phishing Detection and Mitigation: Expertise in identifying and mitigating phishing attacks, including spear-phishing and whaling. Malware Analysis: Skills in analyzing email-borne malware, understanding its behavior, and developing countermeasures. Cryptography: Knowledge of encryption techniques to secure email communications and protect sensitive data. Network Security: Understanding of network protocols and security measures to detect and prevent email-based attacks. Regulatory Compliance: Familiarity with regulations such as GDPR, HIPAA, and others that impact email security practices. Programming and Scripting: Proficiency in languages like Kusto, Python, PowerShell, or Bash for automating security tasks and analyzing email logs. Tools Secure Email Gateways (SEGs): Tools like Microsoft Defender for Office, Proofpoint, Mimecast, or Barracuda to filter and block malicious emails. Email Encryption Tools: Solutions like PGP (Pretty Good Privacy) or S/MIME (Secure/Multipurpose Internet Mail Extensions) for encrypting email content. Threat Intelligence Platforms: Tools other than VirusTotal, MxToolbox like ThreatConnect or Recorded Future to gather and analyze threat intelligence data. Sandboxing Solutions: Tools like Windows Sandbox, FireEye or Palo Alto Networks WildFire to safely analyze suspicious email attachments. Anti-Phishing Tools: Solutions like PhishMe or Cofense to detect and respond to phishing attempts. Security Information and Event Management (SIEM): Platforms like Splunk or IBM QRadar to monitor and analyze security events, including email threats. Incident Response Tools: Solutions like TheHive or MISP (Malware Information Sharing Platform) for managing and sharing incident response data. 
Skills Mandatory Skills: Analyzing Binaries / Non-Binaries & Malicious Scripts, Behaviour based Detection (BM / AMSI), Code based Detection (Assembly Lang), Disassembling & Debugging tools, Kusto, Rule based Detection (LUA / AC), Threat Landscape

Posted 2 weeks ago


4.0 - 8.0 years

6 - 10 Lacs

Bengaluru

Work from Office

Senior SOC Analyst works within the 24/7 Cyber Fusion Center (CFC). The role is responsible for monitoring, triaging, analyzing and escalating incidents and events in the technology environment. This Senior SOC Analyst will evaluate data collected from a variety of cyber operations tools (e.g., SIEM, IDS/IPS, Firewalls, network traffic logs, cloud platforms, and SOAR solutions) to analyze events that occur within the environments for the purposes of detecting and mitigating threats in both structured and unstructured situations. Individuals in this role are proactive and well-versed in log, identity, cloud, network, and root cause analysis. Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Senior SOC Analyst must have skills in email security, system event, network event, log analysis. Knowledge of common IT and security technology concepts with emphasis on TCP/IP network security, operating system security, modern attack and exploitation techniques is important. Experience conducting event analysis in AWS and Azure environments. Characterize and analyse alerts to understand potential and active threats. Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the nature and characteristics of events that could be an observed attack. Preferred technical and professional experience Document and escalate events/incidents that may cause adverse impact to the environment. Provide daily summary reports of events and activity relevant to cyber operations. Perform Cyber Operations trend analysis and reporting. Perform high-quality triage and thorough analysis for all alerts. Demonstrate effective communication skills both written and verbal. Actively engage in team chats, calls, and face to face settings. 
Constantly contribute to SOC runbooks/playbooks. Recommend improvements to automations, alert fidelity, and security controls. Preferred Experience: Experience / Knowledge in CyberArk, Azure SSO. Knowledge of enterprise web technologies, security, and cutting-edge infrastructures.

Posted 3 months ago


5.0 - 10.0 years

5 - 10 Lacs

Bengaluru / Bangalore, Karnataka, India

On-site

IBM Consulting Overview In this role, you'll work in one of IBM Consulting Client Innovation Centers (Delivery Centers), where deep technical and industry expertise is delivered to a wide range of public and private sector clients globally. These delivery centers offer locally based skills and technical expertise to drive innovation and new technology adoption. Your Role and Responsibilities As a Senior SOC Analyst, you will be part of the 24/7 Cyber Fusion Center (CFC), responsible for monitoring, triaging, analyzing, and escalating incidents in a dynamic technology environment. Your role includes: Evaluating data collected from cyber operations tools (SIEM, IDS/IPS, firewalls, network traffic logs, cloud platforms, and SOAR solutions). Detecting and mitigating threats in both structured and unstructured situations. Conducting log, identity, cloud, network, and root cause analysis to improve security posture. Required Education Bachelor's Degree Preferred Education Master's Degree Required Technical and Professional Expertise Expertise in email security, system events, network events, and log analysis. Strong knowledge of TCP/IP network security, OS security, and modern attack techniques. Event analysis experience in AWS and Azure environments. Ability to characterize and analyze alerts to assess potential threats. Perform event correlation by gathering information from various sources to understand and determine attack patterns. Preferred Technical and Professional Experience Document and escalate events/incidents with potential impact on environments. Provide daily summary reports of cyber operations events and activity. Perform cyber operations trend analysis and reporting. Conduct high-quality triage and analysis for all alerts. Demonstrate effective written and verbal communication skills, engaging in team chats, calls, and in-person discussions. Constantly contribute to SOC runbooks/playbooks. 
Recommend improvements to automation, alert fidelity, and security controls. Experience with CyberArk, Azure SSO, and enterprise security technologies.

Posted 3 months ago


5.0 - 9.0 years

6 - 10 Lacs

Bengaluru

Remote

Senior Technical Services Cross Technology Systems Integration Specialist / Technical Lead Your day at NTT DATA The Senior Cross Technology Technical Services (TS) Systems Integration Specialist Technical Lead is involved in highly complex environments for installation, integration, deployment, configuration and fault management. This role is able to compile technical specifications in a clear, concise, unambiguous manner to explain the advantages and disadvantages of options leading to the final solution and are able to create alternative solutions as backup planning. This role works towards expert level certification, whilst at the same time developing business knowledge. This role has advanced proficiency across two or more technologies, namely Networking, Data Centre, Security, Customer Experience, Collaboration and/or End User Compute. What you'll be doing Key Responsibilities: Interacts with clients on site and remote to meet more complex requirements of a solution. Escalates unresolved problems and issues to the relevant third parties. Delegates lower complexity tasks to engineers and technicians. Assumes responsibility for the coordination of the activities of the engineers, in line with performance targets, leading by example and monitoring the quality of engineer's and technician's work when required. Writes reports and proposals and completes and maintains project documentation. Assists with the documentation of standard operating procedures relating to installations and fixes. Acts as coach and mentor to more junior Implementation Engineers and Technicians. Assumes responsibility for the coordination of the activities of the Engineers, in line with performance targets. May be required to serve periodically on the customer service desk, providing third line telephonic, remote and on-site support and problem management. Included in complex design work, with input to the design expected. 
Expected to take ownership of relevant technologies according to domain or specialization. Engages vendors for priority escalations or bugs found during deployments. Performs any other related task as required. Knowledge and Attributes: Advanced understanding and appreciation of technical design and business principles. Advanced project fundamental and administration ability. Advanced project fundamentals which are demonstrated in the execution of installations and other assignments. Advanced customer engagement skills. Advanced relevant domain specialist knowledge. Excellent verbal communication skills. Client focused and displays a proactive approach to solving problems. Advanced ability to coach, mentor and provide guidance to team members. Ability to take ownership as technical lead during project lifecycle. Academic Qualifications and Certifications: Bachelor's degree or equivalent in Information Technology or Computing or related field. Collaboration - Valid CCIE Collaboration Certification required. Customer Experience - NICE plus 3 additional NICE Engage NCSE; NICE Engage NCIE (Installation); Sentinel Fundamentals; CXOne Basic Certification CXOne Advanced Certification; CXOne ACD Administrator Certification. Additional - Nexidia Data exchange framework; Nexidia NCSE; Nexidia NCIE; Advanced Processing Automation (RTAM); NICE WFM (IEX); Compliance Centre; NICE Inform; Avaya VOIP Integrations; Cisco VOIP Integrations. Encryption; Multiple Data Centres (MDC); NICE Real Time Authentication; NICE Trade Recording. Avaya certification plus additional such as Avaya Aura Core Avaya Aura Contact Centre Avaya IP Office; Avaya IP Office Contact Centre; Avaya Session Border Controller; Avaya Experience Portal Administration. Verint certification and additional such as Workforce Management (WFM); Interactions; Speech; DPA. 
Genesys foundational courses; Genesys Cloud CX - Implementation; Genesys Cloud CX - Contact Centre Administration; Genesys Cloud CX - Reporting and Analytics; Level 4 - Genesys Cloud: Edge Networking; Genesys Cloud - Edge BYOC Premise Configuration; Genesys Cloud - Edge How it Works; Genesys Cloud - Edge WebRTC; Genesys Cloud - Edge Survivability; Genesys Cloud - Edge BYOC Premises and Edge Introductory Concepts; Genesys Cloud - Edge Troubleshooting; Genesys Cloud - API Conversation Management; Genesys Cloud - API User Management; Genesys Cloud - API Workforce Management; Genesys Cloud - API Real-Time Reporting; Genesys Cloud - API Quality Report Generation; Genesys Cloud - API Historical Report Generation; Genesys Cloud - API Authorization; Genesys Cloud - API Introduction to the Platform API Genesys - Decisions Administration; Genesys - Decisions Strategic Planning. Data Centre - Relevant certifications such as HPE Proliant servers, 3PAR, Primera, Alletra, Simplicity, Synergy, StoreOnce, MSA Storage. Dell PowerEdge servers, Unity, PowerStore, Recoverpoint Appliance/VE, PowerScale Isilon PowerProtect/Data Domain, VxRail, VMware Certified VCP-DCV, vSAN, SRM. Dell Information Storage Associate - DCA-ISM. Veeam Backup and Recovery VMCA . Veritas Netbackup Admin and implementation. Azure Fundamentals. Cisco UCS Servers. Cisco MDS and Brocade SAN Switches - Zoning. Nutanix HCI NCP. 
End User Compute - Microsoft Certified Professional; Microsoft 365 Administrator (MS-100, MS-101); Microsoft 365 Certified - Modern Desktop Administrator Associate (MD-100, MD-101); Microsoft Azure Fundamentals Training & Certification (AZ-900); Microsoft 365 Certified: Teams Administrator Associate; AZ-103: Azure Administrator Associate; Microsoft Certified - Azure Identity and Access Administrator; AZ-500 - Microsoft Azure Security Technologies; Microsoft Certified Solutions Associate - Server 2016; AZ-500 - Microsoft Azure Security Technologies; Microsoft Certified - Azure Virtual Desktop Specialty; AZ-300 - Microsoft Azure Architect Technologies. Microsoft Certified - Azure Virtual Desktop Specialty. Networking - Professional level certification in different Networking technologies such as Cisco, Juniper, Aruba, F5, CCIE, JNCIE, ACMP etc.; Cisco Dev Net certification. Security - Azure Certified Solutions Architect PCNSE FCE CCNP Security CISSP Automation certifications or equivalent preferred. Cloud Security certifications and certifications such as AZ-500, SC-200, Security+, CEH, CISSP, CISM or similar Certification in different networking technologies such as CCIE CCDP Security, JNCIA, ACCA, PCNSE, PCNSC, FCE, CCSA, ITIL, Azure Security Engineer, Azure Certified DevOps Engineer, Azure Certified Network Engineer, Azure Certified Solutions Architect, Azure Administrator Associate is advantageous. Certifications relevant to the services provided (certifications carry additional weightage). Terraform; Azure; Sentinel; EDR Defender for Cloud; Microsoft Security; DevOps CI/CD Pipelines; Azure Governance (Defender for Cloud, Azure Policies, Secure Score and Compliance); Version Control (Git); Microservices (Kubernetes, Azure Containers); Azure AWS/ GCP Infrastructure (IaaS, PaaS, SaaS); Azure Infrastructure as Code; Azure Administration; Hybrid Cloud; Networking (Firewalls, LAN, VPN); Automation; MS Office365. Power BI Administration; Scripting (PowerShell); ZTNA. 
Required Experience: Advanced work experience in a technical implementation engineering technologies such as Networking, Data Center, Security, Customer Experience, Collaboration and/or End User Compute etc. Advanced experience engaging with clients and conducting presentations. Advanced report writing experience. Advanced project management experience. Required Experience (Specific to Collaboration) - Advanced experience with Cisco Unified Communications Manager, Cisco Unity Connection, Cisco Unified Contact Centre Express, Cisco Attendant console, Cisco IMP, Cisco Customer Collaboration Platform and Expressway in enterprise deployments, including bulk administration, provisioning and management of endpoints and user accounts in large-scale systems. Advanced experience with voice gateways - MGCP, SIP, H.323, SCCP, digital PRI/E1, analog FXO/FXS. Advanced experience with Border Element, media resources, SRST/SRSV. Advanced experience with Cisco Unified Contact Center Express, including but not limited to UC Manager integration, scripting, high availability clustering. Advanced experience with design and implementation for UC environment. Advanced experience with CME/CUE. Advanced experience in dial plan designs and implementation. Advanced experience with virtualization, specifically VMware, Cisco UCS B/C-Series servers and wireshark. Advanced experience with Cisco TelePresence video solutions. Advanced experience with Cisco audio and video conferencing solutions. Advanced experience with Webex Calling and Webex Contact Centre solutions. Advanced experience with voice carrier systems i.e.. Openserv, Neotel, Vodacom, MTN, Experience with multi-cluster call manager environments. Advanced ARC and Call Cabinet expertise is advantageous. Required Experience (Specific to Security) - Advanced experience in SOC Analysis Operations. Advanced experience in SIEM usage for investigations. Advanced experience in Azure or AWS or GCP. 
Advanced experience in Security technologies like Firewall, IPS, IDS, Proxy etc. Advanced experience in technical support to clients. Advanced experience in handling security incidents end to end. Advanced experience in configuring/managing security controls, such as SIEM, Firewall, IDS/IPS, EDR, NDR, UTM, Proxy, SOAR, Honeypots, decoys, and other security tools. Advanced experience in log collection mechanism such as Syslog, Log file, DB API. Advanced experience in configuring/managing security controls, such as SIEM, Firewall, IDS/IPS, EDR, NDR, UTM, Proxy, SOAR, Honeypots, and other security tools. Advanced experience in web service protocols and frameworks for high-availability, low-latency, resiliency, and auto-scaling. Advanced experience in sound practices on securing data and systems by applying appropriate authentication and authorization controls. Advanced experience in Event Driven Development and asynchronous operations. Advanced experience in scripting languages such as Python, Perl, or Ruby, and experience with automation tools like Ansible, Puppet, or Chef. Workplace type : Remote Working

Posted 3 months ago


2.0 - 5.0 years

4 - 7 Lacs

Mumbai

Work from Office

Responsibilities SOC Analyst Configure and maintain the SIEM system, ensuring that it's properly set up to collect and analyze security event data. Develop, customize, and manage security rules within the SIEM to detect and respond to security threats. Monitor SIEM alerts, investigate them, and take appropriate actions based on the severity and nature of the alerts. Oversee the collection, normalization, and storage of log data from various sources. Develop and document incident response procedures, and lead or assist in incident response efforts when security incidents occur. Analyze and investigate security events from various sources. Manage security incidents through all incident response phases to closure. Utilize SIEM, SOAR, UEBA, EDR, NBAD, Splunk PCAP, Vulnerability Scanning, and Malware analysis technologies for event detection and analysis. Update tickets, write incident reports, and document actions to reduce false positives. Develop knowledge of attack types and fine-tune detective capabilities. Identify log sources and examine system logs to reconstruct event histories using forensic techniques. Align SIEM rules and alerts with the LIC's security policies and compliance requirements. Conduct computer forensic investigations, including examining running processes, identifying network connections, and disk imaging. Maintain and support the operational integrity of SOC toolsets. Collaborate with SIEM solution vendors for updates, patches, and support to ensure the system's reliability and effectiveness. Maintain thorough documentation of the SIEM system's configuration, procedures, and incident response plans. Proactively identify and report system security loopholes, infringements, and vulnerabilities to the Security Operations Centre Manager in a timely manner. Work closely with other IT and security teams during incident response, coordinating efforts and sharing information to mitigate security incidents effectively. 
Ensure that the SIEM system helps the LIC meet regulatory compliance requirements and is ready for security audits. Continuously optimize the SIEM system for efficient performance, ensuring it can handle the volume of data and remain responsive. Develop automation scripts and workflows to streamline common security response tasks and enhance efficiency. Certification: Valid CEH Certificate required

Posted 3 months ago


3.0 - 6.0 years

5 - 8 Lacs

Bengaluru

Remote

Key Responsibilities: Interacts with clients on site and remote to meet complex requirements of a solution. Escalates unresolved problems and issues to the relevant third parties. Responds to escalated client requests. Escalates complex problems to the relevant third parties. Writes reports and proposals and completes and maintains project documentation. Assists with the documentation of standard operating procedures relating to installations and fixes. Acts as coach and mentor to more junior Implementation Engineers and Technicians. Assumes responsibility for the coordination of the activities of the junior Engineers, in line with performance targets. Included in higher complexity design work, with input to the design expected. Expected to take ownership of relevant technologies according to domain or specialization. Performs any other related task as required. Knowledge and Attributes: Seasoned understanding and appreciation of technical design and business principles. Seasoned project fundamental and administration ability. Seasoned project skills which are demonstrated in the execution of installations and other assignments. Excellent customer engagement skills Demonstrate relevant domain specialist knowledge. Excellent verbal communication skills. Client focused and displays a proactive approach to solving problems. Ability to work under pressure. Ability to coach, mentor and provide guidance to team members. Academic Qualification and Certifications: Bachelor's degree or equivalent in Information Technology or Computing or a related field. Collaboration - Valid CCNP Voice/Collaboration Certification required. Customer Experience - NICE plus additional such as NICE Engage NCSE; NICE Engage NCIE (Installation); Sentinel Fundamentals; CXOne Basic Certification; CXOne Advanced Certification; CXOne ACD Administrator Certification. 
Additional certifications such as Nexidia Data exchange framework; Nexidia NCSE; Nexidia NCIE; Advanced Processing Automation (RTAM); NICE WFM (IEX); Compliance Centre; NICE Inform; Avaya VOIP Integrations. Cisco VOIP Integrations; Encryption; Multiple Data Centres (MDC); NICE Real Time Authentication; NICE Trade Recording. Avaya certifications such as Avaya Aura Core; Avaya Aura Contact Centre; Avaya IP Office; Avaya IP Office Contact Centre; Avaya Session Border Controller; Avaya Experience Portal Administration. Verint certifications such as Workforce Management (WFM); Interactions; Speech; Additional DPA Genesys foundational Courses such as Genesys Cloud CX - Implementation; Genesys Cloud CX - Contact Centre Administration; Genesys Cloud CX - Reporting and Analytics. Genesys level 3 such as Genesys Cloud Integration Paths; Genesys Cloud CX - Development and Feedback Usage for Supervisors; Genesys Cloud CX - Gamification; Genesys Cloud CX - AI/Bots Knowledge Workbench; Genesys Cloud CX - AI/Bots Fundamentals; Genesys Cloud CX - AI/Bots Intent Miner; Genesys Cloud - Cloud Media Services Business Continuity; Genesys Cloud - Cloud Media Services Purchase to Port; Genesys Cloud - Cloud Media Services Telephony Connection Options. Data Centre - Relevant certifications such as HPE Proliant servers, 3PAR, Primera, Alletra, Simplicity, Synergy, StoreOnce, MSA Storage; Dell PowerEdge servers, Unity, PowerStore, PowerScale Isilon. Recoverpoint Appliance/VE, PowerProtect/Data Domain, VxRail, VMware Certified VCP-DCV, vSAN, SRM; Dell Information Storage Associate - DCA-ISM; Veeam Backup and Recovery and or Veritas Netbackup; Azure Fundamentals; Cisco UCS Servers. Cisco MDS and Brocade SAN Switches - Zoning. 
End User Compute - Relevant certifications such as Microsoft Certified Professional; Microsoft 365 Administrator (MS-100, MS-101); Microsoft 365 Certified - Modern Desktop Administrator Associate (MD-100, MD-101); Microsoft Azure Fundamentals Training & Certification (AZ-900); Microsoft 365 Certified - Teams Administrator Associate; AZ-103 - Azure Administrator Associate; Microsoft Certified - Azure Identity and Access Administrator; AZ-500 - Microsoft Azure Security Technologies; Microsoft Certified Solutions Associate - Server 2016; AZ-500 - Microsoft Azure Security Technologies. Networking - Professional level certification in different Networking technologies such as Cisco, Juniper, Aruba, F5, CCNP, JNCIS, ACMP etc.; Cisco Dev Net certification. Security - Certifications such as Azure Certified Security Engineer PCNSE FCP CCNP Security CISSP Automation certifications or equivalent preferred. Cloud Security certifications and certifications such as AZ-500, SC-200, Security+, CEH, CISSP, CISM or similar Certification in different networking technologies such as CCDP Security, JNCIA, ACCA, PCNSE, PCNSC, FCP, CCSA, ITIL, Azure Security Engineer, Azure Certified DevOps Engineer, Azure Certified Network Engineer, Azure Administrator Associate is advantageous. Certifications relevant to the services provided (certifications carry additional weightage on a candidate's qualification for the role). Terraform; Azure; Sentinel; EDR Defender for Cloud; Microsoft Security; DevOps CI/CD Pipelines; Azure Governance (Defender for Cloud, Azure Policies, Secure Score and Compliance); Version Control (Git); Microservices (Kubernetes, Azure Containers); Azure AWS/ GCP Infrastructure (IaaS, PaaS, SaaS); Azure Infrastructure as Code; Azure Administration; Hybrid Cloud; Networking (Firewalls, LAN, VPN); Automation; MS Office365; Power BI Administration; Scripting (PowerShell); ZTNA. 
Required Experience: Seasoned work experience in technical implementation engineering technologies such as Networking, Data Centre, Security, Customer Experience, Collaboration and/or End User Compute etc. Seasoned experience engaging with clients and conducting presentations. Seasoned report writing experience. Seasoned project management. Required Experience (specific to Collaboration) - Seasoned experience with Cisco Unified Communications Manager, Cisco Unity Connection, Cisco Unified Contact Centre express, Cisco Attendant console, Cisco IMP, Cisco Customer Collaboration Platform and Expressway in enterprise deployments, including bulk administration, provisioning and management of endpoints and user accounts in large-scale systems. Seasoned experience with voice gateways - MGCP, SIP, H.323, SCCP, digital PRI/E1, analog FXO/FXS. Seasoned experience with Border Element, media resources, SRST/SRSV. Seasoned experience with Cisco Unified Contact Centre Express, including but not limited to UC Manager integration, scripting, high availability clustering. Seasoned experience with design and implementation for UC environment. Seasoned experience with CME/CUE. Seasoned experience in dial plan designs and implementation. Seasoned experience with virtualization, specifically VMware, Cisco UCS B/C-Series servers and wireshark. Seasoned experience with Cisco TelePresence video solutions. Seasoned experience with Cisco audio and video conferencing solutions. Seasoned experience with Webex Calling and Webex Contact Centre solutions. Seasoned experience with voice carrier systems from Telkom, Neotel, Vodacom, MTN. Seasoned experience with multi-cluster call manager environments. Seasoned ARC and Call Cabinet expertise is advantageous. Seasoned experience in Network switching and routing. Required Experience (specific to Networking) - Seasoned work experience in technical implementation engineering, specific to Networking technologies. 
Seasoned experience engaging with clients and conducting presentations. Seasoned report writing experience. Seasoned project management. Seasoned experience in Networking technologies such as routing, switching, Wireless, SDI distribution, core and access layers. Seasoned experience in diagnosis and troubleshooting.

Required Experience (specific to Security) - Seasoned experience in SOC Analysis Operations. Seasoned experience in SIEM usage for investigations. Seasoned experience in Azure or AWS or GCP. Seasoned experience in Security technologies. Seasoned experience in technical support to clients. Seasoned experience in handling security incidents end to end. Seasoned experience in security concepts and application of those concepts. Seasoned experience in configuring/managing security controls, such as SIEM, Firewall, IDS/IPS, EDR, NDR, UTM, Proxy, SOAR, Honeypots, decoys, and other security tools. Seasoned experience in log collection mechanisms such as Syslog, Log file, DB API. Seasoned experience in configuring/managing security controls, such as SIEM, Firewall, IDS/IPS, EDR, NDR, UTM, Proxy, SOAR, Honeypots, and other security tools. Seasoned knowledge of log collection mechanisms such as Syslog, Log file, DB API. Seasoned experience in ETL concepts, data processing at scale and data stream pipelines through Terraform. Seasoned experience in Java, Python, TypeScript, JavaScript, R, .NET, PowerShell. Seasoned experience in usage of source control systems, Git and CI/CD pipelines using Terraform. Seasoned experience in sound practices on securing data and systems by applying appropriate authentication and authorization controls. Seasoned experience in Event Driven Development and asynchronous operations.

Posted 3 months ago


1.0 - 2.0 years

2 - 3 Lacs

Noida, Gurugram, Greater Noida

Work from Office

• Knowledge of operating systems, network devices, and security devices
• Understanding of networking protocols and cybersecurity concepts
• Familiarity with Security Information and Event Management (SIEM) tools

Required Candidate profile

• Familiarity with VAPT tools, Incident Handling, and Forensic Analysis
• Hands-on expertise in log analysis, monitoring, detecting, and investigating security incidents and breaches

Posted 3 months ago


5.0 - 8.0 years

15 - 18 Lacs

Hyderabad, Bengaluru

Work from Office

We are currently seeking a SOC Analyst for our Bengaluru/Hyderabad location. Kindly add a few profiles by EOD.

Responsibilities of the SOC analysts:
- Surveillance of an Organization's Networks and Systems: Monitor WxCCE cloud offering, including security systems, applications, and networks, to detect irregularities indicating a potential breach or attack.
- Identify, Assess, and Mitigate Security Threats in Real-Time: Upon identifying a threat, work with WxCCE teams to determine the cause of the anomaly and take preventive measures to avoid future occurrences.
- Incident Response and Investigation: Collaborate with team members to investigate incidents thoroughly before reporting to the authorities if needed.
- Collaborates With Other Team Members to Implement Security Procedures, Solutions, and Best Practices: Work with their teams to implement and update security systems and procedures to ensure ongoing safe and secure operations within the organization.

Certification/Requirements: Bachelor's degree in computer engineering or similar field. Any of the following certifications is a plus:
- Certified Ethical Hacker (CEH)
- Computer Hacking Forensics Investigator (CHFI)
- EC-Council Certified Security Analyst (ECSA)
- Licensed Penetration Tester (LPT)
- CompTIA Security+
- CompTIA Cybersecurity Analyst (CySA+)

Familiarity with Exabeam SIEM technology is a plus.

Posted 3 months ago
