Soc Analyst 2

Role & responsibilities

• Lead the analysis and investigation of information security events (IDS/Proxy/SIEM/etc.) in a 24X7 SOC environment to immediately detect, verify, and respond swiftly to cyber threats, and remove false positive. Strong networking background.

• The analyst performs monitoring, research, assessment and analysis which requires demonstrable security incident response experience.

• Serve as a technical point of escalation and provide mentoring for L1 Security Operations Center (SOC) analysts.

• Handling security alerts on SIEM and Raise tickets based on the alerts.

• Follow ups with respective team to close the alerts, tickets.

• Analyze and assess security incidents and escalate to appropriate internal teams for additional assistance.

• Responsible for investigating incidents, analyzing attack methods, researching new defense techniques and tools, developing security policy, and documenting procedures for SOC.

• Malware analysis and other attack analysis to extract indicators of compromise. Perform data security event correlation between various systems.

• Prepare reports, summaries, and other forms of communication that may be both internal and client facing.

• Maintain familiarity with industry trends and security best practices.

• Ensure compliance to SLA, process adherence and process improvisation to achieve operational objectives.

• Periodic upgradation/creation of correlation rules based on emerging threats and requirement following MITRE Attack US-Cert and other TTP sources.

Preferred candidate profile

• 5+ years working in the Security operations Centre.

• Bachelors degree in engineering or higher preferred

• Excellent knowledge of Intrusion Detection (deep TCP/IP knowledge, and Cyber security), various operating systems (Windows/UNIX), and web technologies (focusing on Internet security)

• Ability to read and understand packet level data Intrusion detection and prevention and Network Security Products (IDS/IPS, firewalls, etc) Host Security Products (HIPS, AV, scanners, etc)

• Knowledge of cutting edge threats and technologies effecting Web Application vulnerabilities and recent internet threats

• Exposure on Vulnerability assessment as well as penetration testing or forensic analysis fields are an advantage

• Experience working as part of a global team, spanning multiple time zones and cultures.