SOC Analyst - Detection Engineering

About the role

SOC

You will be responsible to provide expert guidance and support to the security operations team in the use of for threat hunting and incident investigation and analysing the detected incidents to identify lessons learned to improve response processes and make recommendations for enhancing security posture. You will be also responsible for developing and maintaining documentation for Analytical rules processes and procedures.

Accountable to ensure all security anomalous activities are detected by the banks SIEM platform and false positives are kept to a minimum.

Verify the ingested logs and ensure log parsing to normalize the events. Implement a testing methodology to test the alerts configured and obtain sign off before releasing into production.

Stay Up to date with the latest trends and developments in cybersecurity and SIEM technologies and recommend improvements to the organization security posture.

Engineering Graduate in CS, IT, EC or InfoSec, CyberSec or MCA equivalent with experience in cloud security with any of the following - Microsoft Azure, Google cloud, Ability to develop and implement security policies, procedures and best practices.

5 years

SIEM Certification from any of the leading SIEM OEMs Splunk, Palo Alto, Securonix, LogRhythm, etc,. CEH or CISSP CCNA Security and/or any of the Cloud security certifications (AWS, GCP, Azure, OCI).

Knowledge of Networking components, Servers (RHEL, Windows, etc.) and Endpoints, cloud infrastructure along with Machine learning models used for detection of security alerts. Knowledge of various log types, event parsing and ingestion mechanisms across Systems, networks, cloud and commonly used applications in banks.

Excellent communication and interpersonal skills.

Working with the designated bank personnel to ensure alignment with RBI guidelines on detection of security alerts applicable to banks. Should have strong understanding of cybersecurity principles, threat detection and incident response.