JOB SPECIFICATION
Position: SOC Analyst
Grade: Sr. Executive / Astt. Manager
Location: Mumbai
Reporting To: NOC / SOC Manager
Job
A Security Operations Center (SOC) analyst plays a crucial role in ensuring the cybersecurity of an organization. They are responsible for monitoring, assessing, and defending the organization's information systems and networks from potential cyber threats and attacks.
Job Summary
The SOC Analyst will be responsible for monitoring and analyzing security events and incidents within the organization's network and information systems. They will work closely with the security team to identify, investigate, and respond to security threats and breaches. The ideal candidate should have a strong understanding of cybersecurity principles, incident response procedures, and the ability to work in a fast-paced, dynamic environment.
Responsibilities
- Monitor security event logs and alerts to identify potential security incidents and threats.
- Conduct in-depth analysis of security events to determine the root cause and impact of security incidents.
- Investigate and respond to security incidents, including performing initial triage, containment, and remediation actions.
- Collaborate with other teams to implement security measures and best practices to protect the organization's systems and data.
- Develop and maintain documentation related to security incidents, procedures, and policies.
- Conduct regular security assessments and vulnerability scans to identify and address potential security risks.
- Stay up-to-date with the latest cybersecurity trends, threats, and technologies to proactively identify potential risks and vulnerabilities.
- Provide recommendations for improving the organization's security posture and incident response procedures.
- Participate in the development and implementation of security awareness and training programs for employees.
- Assist in the implementation and maintenance of security tools and technologies, including firewalls, intrusion detection systems, and SIEM solutions.
Qualification & Certification
- Bachelor's degree in Computer Science, Information Technology, or a related field.
- Relevant certifications such as CompTIA Security+, Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH) or CrowdStrike / PaloAlto Certified Security Analyst are a plus.
Skills
- Strong knowledge of Windows and Linux operating systems, and of the processes most commonly abused in cyber attacks.
- Strong knowledge of network security, operating systems, and security protocols.
- Familiarity with security tools such as SIEM, IDS/IPS, and endpoint protection solutions.
- Ability to understand behaviour-based detections and the appropriate remediations.
- Excellent analytical and problem-solving skills with the ability to think critically under pressure.
- Strong communication and teamwork skills to collaborate effectively with different teams and stakeholders.
- Understanding of regulatory compliance requirements related to data security and privacy.
- Ability to work in a fast-paced environment and handle multiple tasks simultaneously.
Experience
- Proven experience working in a Security Operations Center or a similar role.
- 2 to 3 years of hands-on experience with:
  - EDR / XDR: CrowdStrike Falcon, PaloAlto Cortex
  - Attack Surface, DarkNet and Brand Monitoring
  - Security Event Monitoring, Analysis and Remediation
  - Deep understanding of actively exploited vulnerabilities