7 Soc Analysis Jobs

Senior SOC Analyst works within the 24/7 Cyber Fusion Center (CFC). The role is responsible for monitoring, triaging, analyzing and escalating incidents and events in the technology environment. This Senior SOC Analyst will evaluate data collected from a variety of cyber operations tools (e.g., SIEM, IDS/IPS, Firewalls, network traffic logs, cloud platforms, and SOAR solutions to analyze events that occur within the environments for the purposes of detecting and mitigating threats in both structured and unstructured situations. Individuals in this role are proactive and well-versed in log, identity, cloud, network, and root cause analysis Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Senior SOC Analyst must have skills in email security, system event, network event, log analysis. Knowledge of common IT and security technology concepts with emphasis on TCP/IP network security, operating system security, modern attack and exploitation techniques is important. Experience conducting event analysis in AWS and Azure environments. Characterize and analyse alerts to understand potential and active threats. Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the nature and characteristics of events that could be an observed attack Preferred technical and professional experience Document and escalate events/incidents that may cause adverse impact to the environment. Provide daily summary reports of events and activity relevant to cyber operations. Perform Cyber Operations trend analysis and reporting. Perform high-quality triage and thorough analysis for all alerts. Demonstrate effective communication skills both written and verbal. Actively engage in team chats, calls, and face to face settings. Constantly contribute to SOC runbooks/playbooks Recommend improvements to automations, alert fidelity, and security controls. Preferred Experience: Experience / Knowledge in CyberArk, Azure SSO. Knowledge of enterprise web technologies, security, and cutting-edge infrastructures

IBM Consulting Overview In this role, you'll work in one of IBM Consulting Client Innovation Centers (Delivery Centers), where deep technical and industry expertise is delivered to a wide range of public and private sector clients globally. These delivery centers offer locally based skills and technical expertise to drive innovation and new technology adoption. Your Role and Responsibilities As a Senior SOC Analyst, you will be part of the 24/7 Cyber Fusion Center (CFC), responsible for monitoring, triaging, analyzing, and escalating incidents in a dynamic technology environment. Your role includes: Evaluating data collected from cyber operations tools (SIEM, IDS/IPS, firewalls, network traffic logs, cloud platforms, and SOAR solutions). Detecting and mitigating threats in both structured and unstructured situations. Conducting log, identity, cloud, network, and root cause analysis to improve security posture. Required Education Bachelor's Degree Preferred Education Master's Degree Required Technical and Professional Expertise Expertise in email security, system events, network events, and log analysis. Strong knowledge of TCP/IP network security, OS security, and modern attack techniques. Event analysis experience in AWS and Azure environments. Ability to characterize and analyze alerts to assess potential threats. Perform event correlation by gathering information from various sources to understand and determine attack patterns. Preferred Technical and Professional Experience Document and escalate events/incidents with potential impact on environments. Provide daily summary reports of cyber operations events and activity. Perform cyber operations trend analysis and reporting. Conduct high-quality triage and analysis for all alerts. Demonstrate effective written and verbal communication skills, engaging in team chats, calls, and in-person discussions. Constantly contribute to SOC runbooks/playbooks. Recommend improvements to automation, alert fidelity, and security controls. Experience with CyberArk, Azure SSO, and enterprise security technologies.

Senior Technical Services Cross Technology Systems Integration Specialist / Technical Lead Your day at NTT DATA The Senior Cross Technology Technical Services (TS) Systems Integration Specialist Technical Lead is involved in highly complex environments for installation, integration, deployment, configuration and fault management. This role is able to compile technical specifications in a clear, concise, unambiguous manner to explain the advantages and disadvantages of options leading to the final solution and are able to create alternative solutions as backup planning. This role works towards expert level certification, whilst at the same time developing business knowledge. This role has advanced proficiency across two or more technologies, namely Networking, Data Centre, Security, Customer Experience, Collaboration and/or End User Compute. What you'll be doing Key Responsibilities: Interacts with clients on site and remote to meet more complex requirements of a solution. Escalates unresolved problems and issues to the relevant third parties. Delegates lower complexity tasks to engineers and technicians. Assumes responsibility for the coordination of the activities of the engineers, in line with performance targets, leading by example and monitoring the quality of engineer's and technician's work when required. Writes reports and proposals and completes and maintains project documentation. Assists with the documentation of standard operating procedures relating to installations and fixes. Acts as coach and mentor to more junior Implementation Engineers and Technicians. Assumes responsibility for the coordination of the activities of the Engineers, in line with performance targets. May be required to serve periodically on the customer service desk, providing third line telephonic, remote and on-site support and problem management. Included in complex design work, with input to the design expected. Expected to take ownership of relevant technologies according to domain or specialization. Engages vendors for priority escalations or bugs found during deployments. Performs any other related task as required. Knowledge and Attributes: Advanced understanding and appreciation of technical design and business principles. Advanced project fundamental and administration ability. Advanced project fundamentals which are demonstrated in the execution of installations and other assignments. Advanced customer engagement skills. Advanced relevant domain specialist knowledge. Excellent verbal communication skills. Client focused and displays a proactive approach to solving problems. Advanced ability to coach, mentor and provide guidance to team members. Ability to take ownership as technical lead during project lifecycle. Academic Qualifications and Certifications: Bachelor's degree or equivalent in Information Technology or Computing or related field. Collaboration - Valid CCIE Collaboration Certification required. Customer Experience - NICE plus 3 additional NICE Engage NCSE; NICE Engage NCIE (Installation); Sentinel Fundamentals; CXOne Basic Certification CXOne Advanced Certification; CXOne ACD Administrator Certification. Additional - Nexidia Data exchange framework; Nexidia NCSE; Nexidia NCIE; Advanced Processing Automation (RTAM); NICE WFM (IEX); Compliance Centre; NICE Inform; Avaya VOIP Integrations; Cisco VOIP Integrations. Encryption; Multiple Data Centres (MDC); NICE Real Time Authentication; NICE Trade Recording. Avaya certification plus additional such as Avaya Aura Core Avaya Aura Contact Centre Avaya IP Office; Avaya IP Office Contact Centre; Avaya Session Border Controller; Avaya Experience Portal Administration. Verint certification and additional such as Workforce Management (WFM); Interactions; Speech; DPA. Genesys foundational courses; Genesys Cloud CX - Implementation; Genesys Cloud CX - Contact Centre Administration; Genesys Cloud CX - Reporting and Analytics; Level 4 - Genesys Cloud: Edge Networking; Genesys Cloud - Edge BYOC Premise Configuration; Genesys Cloud - Edge How it Works; Genesys Cloud - Edge WebRTC; Genesys Cloud - Edge Survivability; Genesys Cloud - Edge BYOC Premises and Edge Introductory Concepts; Genesys Cloud - Edge Troubleshooting; Genesys Cloud - API Conversation Management; Genesys Cloud - API User Management; Genesys Cloud - API Workforce Management; Genesys Cloud - API Real-Time Reporting; Genesys Cloud - API Quality Report Generation; Genesys Cloud - API Historical Report Generation; Genesys Cloud - API Authorization; Genesys Cloud - API Introduction to the Platform API Genesys - Decisions Administration; Genesys - Decisions Strategic Planning. Data Centre - Relevant certifications such as HPE Proliant servers, 3PAR, Primera, Alletra, Simplicity, Synergy, StoreOnce, MSA Storage. Dell PowerEdge servers, Unity, PowerStore, Recoverpoint Appliance/VE, PowerScale Isilon PowerProtect/Data Domain, VxRail, VMware Certified VCP-DCV, vSAN, SRM. Dell Information Storage Associate - DCA-ISM. Veeam Backup and Recovery VMCA . Veritas Netbackup Admin and implementation. Azure Fundamentals. Cisco UCS Servers. Cisco MDS and Brocade SAN Switches - Zoning. Nutanix HCI NCP. End User Compute - Microsoft Certified Professional; Microsoft 365 Administrator (MS-100, MS-101); Microsoft 365 Certified - Modern Desktop Administrator Associate (MD-100, MD-101); Microsoft Azure Fundamentals Training & Certification (AZ-900); Microsoft 365 Certified: Teams Administrator Associate; AZ-103: Azure Administrator Associate; Microsoft Certified - Azure Identity and Access Administrator; AZ-500 - Microsoft Azure Security Technologies; Microsoft Certified Solutions Associate - Server 2016; AZ-500 - Microsoft Azure Security Technologies; Microsoft Certified - Azure Virtual Desktop Specialty; AZ-300 - Microsoft Azure Architect Technologies. Microsoft Certified - Azure Virtual Desktop Specialty. Networking - Professional level certification in different Networking technologies such as Cisco, Juniper, Aruba, F5, CCIE, JNCIE, ACMP etc.; Cisco Dev Net certification. Security - Azure Certified Solutions Architect PCNSE FCE CCNP Security CISSP Automation certifications or equivalent preferred. Cloud Security certifications and certifications such AZ-500, SC-200, Security+, CEH, CISSP, CISM or similar Certification in different networking technologies such as CCIE CCDP Security, JNCIA, ACCA, PCNSE, PCNSC, FCE, CCSA, ITIL, Azure Security Engineer, Azure Certified DevOps Engineer, Azure Certified Network Engineer, Azure Certified Solutions Architect, Azure Administrator Associate is advantageous. Certifications relevant to the services provided (certifications carry additional weightage). Terraform; Azure; Sentinel; EDR Defender for Cloud; Microsoft Security; Devops Ci/CD Pipelins; Azure Governance (Defender for Cloud, Azure Policies, Secure Score and Compliance); Version Control (Git); Microservices (Kubernetes, Azure Containers); Azure AWS/ GCP Infrastructure (IaaS, PaaS, SaaS); Azure Infrastructure as Code; Azure Administration; Hybrid Cloud; Networking (Firewalls, LAN, VPN); Automation; MS Office365. Power BI Administration; Scripting (PowerShell); ZTNA. Required Experience: Advanced work experience in a technical implementation engineering technologies such as Networking, Data Center, Security, Customer Experience, Collaboration and/or End User Compute etc. Advanced experience engaging with clients and conducting presentations. Advanced report writing experience. Advanced project management experience. Required Experience (Specific to Collaboration) - Advanced experience with Cisco Unified Communications Manager, Cisco Unity Connection, Cisco Unified Contact Centre Express, Cisco Attendant console, Cisco IMP, Cisco Customer Collaboration Platform and Expressway in enterprise deployments, including bulk administration, provisioning and management of endpoints and user accounts in large-scale systems. Advanced experience with voice gateways - MGCP, SIP, H.323, SCCP, digital PRI/E1, analog FXO/FXS. Advanced experience with Border Element, media resources, SRST/SRSV. Advanced experience with Cisco Unified Contact Center Express, including but not limited to UC Manager integration, scripting, high availability clustering. Advanced experience with design and implementation for UC environment. Advanced experience with CME/CUE. Advanced experience in dial plan designs and implementation. Advanced experience with virtualization, specifically VMware, Cisco UCS B/C-Series servers and wireshark. Advanced experience with Cisco TelePresence video solutions. Advanced experience with Cisco audio and video conferencing solutions. Advanced experience with Webex Calling and Webex Contact Centre solutions. Advanced experience with voice carrier systems i.e.. Openserv, Neotel, Vodacom, MTN, Experience with multi-cluster call manager environments. Advanced ARC and Call Cabinet expertise is advantageous. Required Experience (Specific to Security) - Advanced experience in SOC Analysis Operations. Advanced experience in SIEM usage for investigations. Advanced experience in Azure or AWS or GCP. Advanced experience in Security technologies like Firewall, IPS, IDS, Proxy etc. Advanced experience in technical support to clients. Advanced experience in handling security incidents end to end. Advanced experience in configuring/managing security controls, such as SIEM, Firewall, IDS/IPS, EDR, NDR, UTM, Proxy, SOAR, Honeypots, decoys, and other security tools. Advanced experience in log collection mechanism such as Syslog, Log file, DB API. Advanced experience in configuring/managing security controls, such as SIEM, Firewall, IDS/IPS, EDR, NDR, UTM, Proxy, SOAR, Honeypots, and other security tools. Advanced experience in web service protocols and frameworks for high-availability, low-latency, resiliency, and auto-scaling. Advanced experience in sound practices on securing data and systems by applying appropriate authentication and authorization controls. Advanced experience in Event Driven Development and asynchronous operations. Advanced experience in scripting languages such as Python, Perl, or Ruby, and experience with automation tools like Ansible, Puppet, or Chef. Workplace type : Remote Working

Responsibilities SOC Analyst Configure and maintain the SIEM system, ensuring that it's properly set up to collect and analyze security event data. Develop, customize, and manage security rules within the SIEM to detect and respond to security threats. Monitor SIEM alerts, investigate them, and take appropriate actions based on the severity and nature of the alerts. Oversee the collection, normalization, and storage of log data from various sources. Develop and document incident response procedures, and lead or assist in incident response efforts when security incidents occur. Analyze and investigate security events from various sources. Manage security incidents through all incident response phases to closure. Utilize SIEM, SOAR, UEBA, EDR, NBAD, Splunk PCAP, Vulnerability Scanning, and Malware analysis technologies for event detection and analysis. Update tickets, write incident reports, and document actions to reduce false positives. Develop knowledge of attack types and finetune detective capabilities. Identify log sources and examine system logs to reconstruct event histories using forensic techniques. Align SIEM rules and alerts with the LICs security policies and compliance requirements. Conduct computer forensic investigations, including examining running processes, identifying network connections, and disk imaging. Maintain and support the operational integrity of SOC toolsets. Collaborate with SIEM solution vendors for updates, patches, and support to ensure the system's reliability and effectiveness. Maintain thorough documentation of the SIEM system's configuration, procedures, and incident response plans. Proactively identify and report system security loopholes, infringements, and vulnerabilities to the Security Operations Centre Manager in a timely manner. Work closely with other IT and security teams during incident response, coordinating efforts and sharing information to mitigate security incidents effectively. Ensure that the SIEM system helps the LIC meet regulatory compliance requirements and is ready for security audits. Continuously optimize the SIEM system for efficient performance, ensuring it can handle the volume of data and remain responsive. Develop automation scripts and workflows to streamline common security response tasks and enhance efficiency. Certification: Valid CEH Certificate required

Key Responsibilities: Interacts with clients on site and remote to meet complex requirements of a solution. Escalates unresolved problems and issues to the relevant third parties. Responds to escalated client requests. Escalates complex problems to the relevant third parties. Writes reports and proposals and completes and maintains project documentation. Assists with the documentation of standard operating procedures relating to installations and fixes. Acts as coach and mentor to more junior Implementation Engineers and Technicians. Assumes responsibility for the coordination of the activities of the junior Engineers, in line with performance targets. Included in higher complexity design work, with input to the design expected. Expected to take ownership of relevant technologies according to domain or specialization. Performs any other related task as required. Knowledge and Attributes: Seasoned understanding and appreciation of technical design and business principles. Seasoned project fundamental and administration ability. Seasoned project skills which are demonstrated in the execution of installations and other assignments. Excellent customer engagement skills Demonstrate relevant domain specialist knowledge. Excellent verbal communication skills. Client focused and displays a proactive approach to solving problems. Ability to work under pressure. Ability to coach, mentor and provide guidance to team members. Academic Qualification and Certifications: Bachelor's degree or equivalent in Information Technology or Computing or a related field. Collaboration - Valid CCNP Voice/Collaboration Certification required. Customer Experience - NICE plus additional such as NICE Engage NCSE; NICE Engage NCIE (Installation); Sentinel Fundamentals; CXOne Basic Certification; CXOne Advanced Certification; CXOne ACD Administrator Certification. Additional certifications such as Nexidia Data exchange framework; Nexidia NCSE; Nexidia NCIE; Advanced Processing Automation (RTAM); NICE WFM (IEX); Compliance Centre; NICE Inform; Avaya VOIP Integrations. Cisco VOIP Integrations; Encryption; Multiple Data Centres (MDC); NICE Real Time Authentication; NICE Trade Recording. Avaya certifications such as Avaya Aura Core; Avaya Aura Contact Centre; Avaya IP Office; Avaya IP Office Contact Centre; Avaya Session Border Controller; Avaya Experience Portal Administration. Verint certifications such as Workforce Management (WFM); Interactions; Speech; Additional DPA Genesys foundational Courses such as Genesys Cloud CX - Implementation; Genesys Cloud CX - Contact Centre Administration; Genesys Cloud CX - Reporting and Analytics. Genesys level 3 such as Genesys Cloud Integration Paths; Genesys Cloud CX - Development and Feedback Usage for Supervisors; Genesys Cloud CX - Gamification; Genesys Cloud CX - AI/Bots Knowledge Workbench; Genesys Cloud CX - AI/Bots Fundamentals; Genesys Cloud CX - AI/Bots Intent Miner; Genesys Cloud - Cloud Media Services Business Continuity; Genesys Cloud - Cloud Media Services Purchase to Port; Genesys Cloud - Cloud Media Services Telephony Connection Options. Data Centre - Relevant certifications such as HPE Proliant servers, 3PAR, Primera, Alletra, Simplicity, Synergy, StoreOnce, MSA Storage; Dell PowerEdge servers, Unity, PowerStore, PowerScale Isilon. Recoverpoint Appliance/VE, PowerProtect/Data Domain, VxRail, VMware Certified VCP-DCV, vSAN, SRM; Dell Information Storage Associate - DCA-ISM; Veeam Backup and Recovery and or Veritas Netbackup; Azure Fundamentals; Cisco UCS Servers. Cisco MDS and Brocade SAN Switches - Zoning. End User Compute - Relevant certifications such as Microsoft Certified Professional; Microsoft 365 Administrator (MS-100, MS-101); Microsoft 365 Certified - Modern Desktop Administrator Associate (MD-100, MD-101); Microsoft Azure Fundamentals Training & Certification (AZ-900); Microsoft 365 Certified - Teams Administrator Associate; AZ-103 - Azure Administrator Associate; Microsoft Certified - Azure Identity and Access Administrator; AZ-500 - Microsoft Azure Security Technologies; Microsoft Certified Solutions Associate - Server 2016; AZ-500 - Microsoft Azure Security Technologies. Networking - Professional level certification in different Networking technologies such as Cisco, Juniper, Aruba, F5, CCNP, JNCIS, ACMP etc.; Cisco Dev Net certification. Security - Certifications such as Azure Certified Security Engineer PCNSE FCP CCNP Security CISSP Automation certifications or equivalent preferred. Cloud Security certifications and certifications such as AZ-500, SC-200, Security+, CEH, CISSP, CISM or similar Certification in different networking technologies such as CCDP Security, JNCIA, ACCA, PCNSE, PCNSC, FCP, CCSA, ITIL, Azure Security Engineer, Azure Certified DevOps Engineer, Azure Certified Network Engineer, Azure Administrator Associate is advantageous. Certifications relevant to the services provided (certifications carry additional weightage on a candidates qualification for the role). Terraform; Azure; Sentinel; EDR Defender for Cloud; Microsoft Security; Devops Ci/CD Pipelins; Azure Governance (Defender for Cloud, Azure Policies, Secure Score and Compliance); Version Control (Git); Microservices (Kubernetes, Azure Containers); Azure AWS/ GCP Infrastructure (IaaS, PaaS, SaaS); Azure Infrastructure as Code; Azure Administration; Hybrid Cloud; Networking (Firewalls, LAN, VPN); Automation; MS Office365; Power BI Administration; Scripting (PowerShell); ZTNA. Required Experience: Seasoned work experience in technical implementation engineering technologies such as Networking, Data Centre, Security, Customer Experience, Collaboration and/or End User Compute etc. Seasoned experience engaging with clients and conducting presentations. Seasoned report writing experience. Seasoned project management. Required Experience (specific to Collaboration) - Seasoned experience with Cisco Unified Communications Manager, Cisco Unity Connection, Cisco Unified Contact Centre express, Cisco Attendant console, Cisco IMP, Cisco Customer Collaboration Platform and Expressway in enterprise deployments, including bulk administration, provisioning and management of endpoints and user accounts in large-scale systems. Seasoned experience with voice gateways - MGCP, SIP, H.323, SCCP, digital PRI/E1, analog FXO/FXS. Seasoned experience with Border Element, media resources, SRST/SRSV. Seasoned experience with Cisco Unified Contact Centre Express, including but not limited to UC Manager integration, scripting, high availability clustering. Seasoned experience with design and implementation for UC environment. Seasoned experience with CME/CUE. Seasoned experience in dial plan designs and implementation. Seasoned experience with virtualization, specifically VMware, Cisco UCS B/C-Series servers and wireshark. Seasoned experience with Cisco TelePresence video solutions. Seasoned experience with Cisco audio and video conferencing solutions. Seasoned experience with Webex Calling and Webex Contact Centre solutions. Seasoned experience with voice carrier systems from Telkom, Neotel, Vodacom, MTN. Seasoned experience with multi-cluster call manager environments. Seasoned ARC and Call Cabinet expertise is advantageous. Seasoned experience in Network switching and routing. Required Experience (specific to Networking) - Seasoned work experience in technical implementation engineering, specific to Networking technologies. Seasoned experience engaging with clients and conducting presentations. Seasoned report writing experience. Seasoned project management. Seasoned experience in Networking technologies such as routing, switching, Wireless, SDI distribution, core and access layers. Seasoned experience in diagnosis and troubleshooting. Required Experience (specific to Security) - Seasoned experience in SOC Analysis Operations. Seasoned experience in SIEM usage for investigations. Seasoned experience in Azure or AWS or GCP. Seasoned experience in Security technologies. Seasoned experience in technical support to clients. Seasoned experience in handling security incidents end to end. Seasoned experience in security concepts and application of those concepts. Seasoned experience in configuring/managing security controls, such as SIEM, Firewall, IDS/IPS, EDR, NDR, UTM, Proxy, SOAR, Honeypots, decoys, and other security tools. Seasoned experience in log collection mechanism such as Syslog, Log file, DB API. Seasoned experience in configuring/managing security controls, such as SIEM, Firewall, IDS/IPS, EDR, NDR, UTM, Proxy, SOAR, Honeypots, and other security tools. Seasoned knowledge on log collection mechanism such as Syslog, Log file, DB API. Seasoned experience in ETL concepts, data processing at scale and data stream pipelines through Terraform. Seasoned experience in Java, Python, TypeScript, JavaScript, R, .NET, PowerShell Seasoned experience in usage of source control systems, Git and CI/CD pipelines using Terraform. Seasoned experience in sound practices on securing data and systems by applying appropriate authentication and authorization controls. Seasoned experience in Event Driven Development and asynchronous operations.

• Knowledge of operating systems, network devices, and security devices • Understanding of networking protocols and cybersecurity concepts • Familiarity with Security Information and Event Management (SIEM) tools Required Candidate profile Familiarity with VAPT tools, Incident Handling, and Forensic Analysis • Hands-on expertise in log analysis, monitoring, detecting, and investigating security incidents and breaches

We are currently seeking for a SOC Analyst our Bengaluru/Hyderabad location. Kindly add few profiles by EOD. Responsibilities of the SOC analysts: - Surveillance of an Organizations Networks and Systems: Monitor WxCCE cloud offering, including security systems, applications, and networks, to detect irregularities indicating a potential breach or attack. - Identify, Assess, and Mitigate Security Threats in Real-Time: Upon identifying a threat, work with WxCCE teams to determine the cause of the anomaly and take preventive measures to avoid future occurrences. - Incident Response and Investigation: Collaborate with team members to investigate incidents thoroughly before reporting to the authorities if needed. - Collaborates With Other Team Members to Implement Security Procedures, Solutions, and Best Practices: Work with their teams to implement and update security systems and procedures to ensure ongoing safe and secure operations within the organization. Certification/Requirements: Bachelors degree in computer engineering or similar field. Any of the following certifications is a plus -Certified Ethical Hacker (CEH) -Computer Hacking Forensics Investigator (CHFI) -EC-Council Certified Security Analyst (ECSA) -Licensed Penetration Tester (LPT) -CompTIA Security+ -CompTIA Cybersecurity Analyst (CySA+) Familiarity with ExaBeam SIEM technology a plus.