Job
Description
Role Overview: At OpenText, AI is a core aspect of our operations, driving innovation and transforming work processes to empower digital knowledge workers. As part of our team, you will play a crucial role in shaping the future of information management by leveraging your expertise. Key Responsibilities: - Perform monitoring, identification, investigation, documentation, resolution, and reporting of security alerts by prioritizing events based on risk/exposure. - Analyze Endpoint Detection and Response (EDR), Network, Cloud, and other traffic and log data to identify potential threats or vulnerabilities. - Generate tickets and incident reports for external clients and Tier 3 analysts. - Remediate security incidents and apply insights from past incidents to enhance investigation and resolution processes. - Develop processes that align with enterprise incident response activities and collaborate closely with other teams within the Security Operations Center. - Investigate suspicious activities and content to prevent potential security breaches. - Follow strict security and SOC guidelines and Standard Operating Procedures (SOPs). - Engage in threat hunting, threat intelligence, and deep investigation of alerts to enhance security measures. - Identify new use cases and demonstrate strong analytical skills to assess alerts effectively. - Integrate new logging sources and establish playbooks for efficient triage and response to security incidents, aiming to reduce analysis time for each event. - Assess, design, and enhance SOC processes and workflows by incorporating automation through Security Orchestration, Automation, and Response (SOAR) tools and technologies. - Develop custom content to augment the capabilities of the security operations center. - Create custom analytics, dashboards, and reports to provide insights into security operations. - Respond to customer or Tier 1 analyst tickets within specified objectives and create new detection rules to enhance security measures. Qualifications Required: - Proven experience in a Security Operations Center (SOC) with a minimum of 4-6 years of relevant experience. - Familiarity with Managed Security Services and Incident Response Framework. - Proficiency in Endpoint Detection and Response (EDR) tools. - Experience with an industry-leading SIEM technology (SIEM administration skills would be advantageous). - Understanding of key IT/Cybersecurity concepts such as Network Security, Security Operations & Administration, Managed Detection and Response, Incident Response & Recovery, Vulnerability Management, etc. - Strong interpersonal skills to engage effectively with customers, team members, and support personnel. - Excellent analytical and problem-solving abilities for investigating security issues. - Effective written and verbal communication skills. - Ability to build trust, maintain positive relationships, and contribute to a culture of inclusion. - Self-motivated individual willing to work in rotational 24*7 shifts at the office in Hyderabad. (Note: Omitted additional details of the company from the Job Description),
