Soc Analyst

Job Description

Roles & Responsibilities: Continuously monitor security events and alerts generated by the Sentinel SIEM platform to ensure the early detection of potential threats. Perform effective triage of security incidents, analyzing and validating alerts to differentiate between true positives and false positives. Accurately escalate incidents to L3 teams, ensuring proper documentation and providing them with sufficient information for resolution. Prepare detailed incident reports, daily/weekly status updates, and dashboards for both internal use and client-facing communications. Communicate with L3 teams to ensure clarity on incident handling, gather necessary information, and provide updates on ongoing incidents or security operations. Identify, track, and respond to potential security threats, vulnerabilities, and incidents in a timely manner, adhering to the established SLAs. Perform thorough analysis before escalating incidents, ensuring L3 teams receive well documented and actionable intelligence. Provide feedback and improvements within the SOC operations and processes. Eager to learn and implement new technologies and methodologies. IDEAL CANDIDATE: Microsoft certifications such as AZ-500, SC-200 etc are highly desirable Knowledge of security frameworks like MITRE ATT&CK. Exposure to Microsoft Defender, XDR, or other Microsoft security tools • Knowledge of multiple cloud platforms such as AWS, Azure, Google Cloud etc. Solid understanding of common cybersecurity threats (e.g., phishing, malware, insider threats) and best practices for incident management. Identity and Access Management (IAM), Network Security, Data Encryption, Key Management System. Familiarity with cloud-native security services such as AWS GuardDuty, Azure Security Center, and Google Cloud Security Command Center.