Soc Analyst

Role & responsibilities

VAPT Responsibilities:

• Perform Vulnerability Assessment and Penetration Testing on Web Applications, Mobile Applications, Network, and Cloud Infrastructure.
• Proactively identify security vulnerabilities using manual and automated techniques.
• Perform Static Code Analysis and review source code for security issues.
• Handle dynamic scan scenarios and ensure complete coverage of application functionality.
• Utilize and be proficient in open-source and commercial security testing tools.
• Exploit vulnerabilities to assess real-world risk and demonstrate potential impacts.

SOC Responsibilities:

• Manage and respond to security incidents using SIEM technologies such as ArcSight, Splunk, or QRadar.
• Analyze logs and alerts from various sources (Firewall, Windows, Unix, WAF, AV, EDR/MDR).
• Author and fine-tune SIEM rules, reports, and parsers.
• Conduct root cause analysis and post-incident reviews.
• Leverage internal and external threat intelligence to investigate and hunt threats.
• Work with EDR solutions (e.g., CrowdStrike, Microsoft Defender, Carbon Black).
• Identify automation and orchestration opportunities to streamline SOC operations.

Preferred candidate profile

Technical/Functional Competencies

Functional/Technical Competencies:

• Strong understanding of OWASP Top 10 and CWE/SANS Top 25 vulnerabilities.
• Solid knowledge of network and infrastructure security concepts.
• In-depth understanding of SIEM and endpoint detection & response (EDR/MDR) tools.
• Familiarity with exploitation techniques and modern attack vectors.
• Experience in threat intelligence analysis and incident lifecycle management.
• Exposure to Elastic SIEM will be an added advantage.
• Proficiency in one or more areas: Network Security, Application Security, Incident Management, Penetration Testing.

Technologies & Tools:

• SIEM: ArcSight, Splunk, QRadar, Elastic
• EDR/MDR: CrowdStrike, Carbon Black, MS Defender
• Security Tools: Burp Suite, Nmap, Nessus, OpenVAS, Metasploit, etc.
• DAST, SAST, and Manual Security Testing Techniques

Desired personal traits

Personal Traits:

• Quick learner with a proactive approach to problem-solving.
• Strong analytical thinking and attention to detail.
• Excellent communication and presentation skills.
• Good team player with the ability to collaborate across functions.
• Self-motivated and able to work independently in a fast-paced environment.