5 Soc Environment Jobs

As an IT Security Analyst in our Security Operations Center (SOC) team based in Noida (Hybrid), you will play a crucial role in safeguarding our organization's digital assets and infrastructure from cyber threats. Your responsibilities will include working in rotational night shifts, administering and troubleshooting security infrastructure devices, managing service tickets, detecting and responding to security incidents, monitoring system logs, and collaborating with internal teams to enhance security measures. You will need to stay updated on emerging threat vectors, contribute to refining SOC playbooks and SOPs, and possess a strong foundation in cybersecurity principles. To excel in this role, you should have at least 3 years of experience in IT Security, particularly within a SOC environment, and be well-versed in information security principles and networking fundamentals. Hands-on experience with security tools like SIEM platforms, EDR tools, IDS/IPS, firewalls, VPNs, and antivirus solutions is essential. Additionally, familiarity with network traffic analysis, vulnerability triage, malware identification, and phishing detection will be beneficial. Your ability to analyze compromise indicators, work efficiently in fast-paced settings, think critically under pressure, and possess relevant certifications like CompTIA Security+ or CEH will be highly valued. Key competencies for success in this role include meticulous attention to detail in documentation, strong written and verbal communication skills, effective team collaboration, the ability to remain composed and make decisions during high-stress situations, and a proactive mindset focused on continuous improvement. If you are a passionate IT Security professional with a proactive approach and a commitment to enhancing cybersecurity measures, we encourage you to apply for this challenging and rewarding opportunity.,

As a Transition Specialist for the Threat Intelligence Platform & Advisory role, your primary responsibility will be to lead the transition processes associated with the Threat Intelligence Platform. Your aim should be to ensure minimal disruption to ongoing operations during this transitional phase. Additionally, you will be expected to provide expert advisory services on threat intelligence strategies and best practices to both internal and external stakeholders. Your role will also involve overseeing the integration of new threat intelligence tools and technologies into the existing infrastructure. Furthermore, you will be required to develop and deliver training programs for team members and clients to enhance their understanding and usage of the threat intelligence platforms. Collaboration is key in this role as you will work closely with cross-functional teams to ensure alignment and effective communication throughout the transition process. It will be essential for you to monitor the performance and effectiveness of the threat intelligence platform, identifying areas for improvement and implementing necessary changes. In addition to the transition management responsibilities, you will be involved in monitoring and analyzing cybersecurity events, incidents, and vulnerability reports from multiple sources. Proactively monitoring and analyzing the cyber threat landscape to assess risk and applicability to the firm will also be a crucial aspect of your role. Working closely with the internal research team, you will identify customer-specific threats and create customer-specific analytical reports based on the identified findings. You will also be responsible for creating regular security trend reports utilizing information from the internal threat repository and collaborating with customer points of contact to understand their threat landscape and deliver customized solutions. Furthermore, you will engage in monitoring, analyzing, and reporting on cybersecurity events, intrusion events, security incidents, and other threat indications, while following best practices of operational security to safeguard sources and methods. Engaging with external communities to share and contribute to threat intelligence exchange activities will also be part of your responsibilities. To excel in this role, you should have hands-on experience with tools such as Rapid7, Recorded Future, Cyble, Zerofox, and Anomaly. Proficiency in threat intelligence tools and platforms, along with a strong understanding of cybersecurity principles and cyber threat intelligence, will be vital. Your ability to create high-quality security analysis reports, understand and analyze various threat vectors effectively, and have knowledge of cyber threats, malware, APTs, and exploits will be essential. Familiarity with the DarkNet, DeepWeb, open-source, social media, and other sources of cyber-criminal activity is preferred. A willingness to learn new technologies and skills, experience in a SOC environment, any background in threat hunting, and programming/scripting knowledge will be advantageous. The desired experience for this role is 7 to 10 years.,

ECI is the leading global provider of managed services, cybersecurity, and business transformation for mid-market financial services organizations across the globe. ECI offers stability, security, and improved business performance to over 1,000 customers worldwide with more than $3 trillion of assets under management, allowing clients to focus on running their businesses without technology concerns. At ECI, passion and purpose are the driving forces behind success. The company is dedicated to empowering employees worldwide to achieve their full potential. The Opportunity: ECI is seeking a talented SOC Engineer to analyze and respond to network security events. The SOC Engineer will collaborate to detect and respond to information security incidents, follow procedures for security event alerting, and participate in security investigations. Responsibilities include monitoring, researching, classifying, and analyzing security events on the network or endpoint. In this role, you will act as a shift lead, reviewing tickets before escalation to clients, investigating intrusion attempts, and conducting in-depth exploit analysis. Responsibilities: - Manage the incident queue and assign incidents based on priority, ensuring end-to-end handling within defined SLAs. - Expertly analyze SIEM logs for event and incident analysis, categorize and deep dive event logs for effective decision-making in handling security breach cases. - Collaborate with clients or internal teams to mitigate security threats and enhance client security posture. - Perform threat hunt activities based on the latest security vulnerabilities, advisories, and penetration techniques. - Contribute to the development of SOC policies, procedures, and configuration standards. - Administer security tools such as SIEM, EDR, Email gateway, etc. - Demonstrate advanced skills with SIEM tools (ELK, Splunk, Qradar), rule base management, and SOC fine-tuning. - Maintain "On Call" availability for critical incident response scenarios and urgent threats. - Exhibit strong analytical, diagnostic, innovation, and collaboration skills. - Show enthusiasm, adaptability, and a passion for continuous learning, growth, and knowledge sharing. - Deliver exceptional presentation and communication abilities. Requirements: - 3-5 years of experience in the IT security industry, preferably in a SOC environment. - Bachelor's degree in computer science/IT/Electronics Engineering, M.C.A., or equivalent. - Certifications: CCNA, CEH, CHFI, GCIH, ITIL. - Experience with SIEM tools, creation of correlation rules, fine-tuning rules, and administration. - Proficiency in TCP/IP network traffic and event log analysis. - Configuration and troubleshooting experience with Cisco ASA, PaloAlto firewalls. - Ability to work independently with minimal supervision. - Willingness to work in a 24/7 operations environment. - Shift management and scheduling experience. - Maintain awareness of potential risks in the operating environment. Bonus Points: - Knowledge and hands-on experience with IDS/IPS, Firewall, VPN, and other security products. - Knowledge of ITIL disciplines such as Incident, Problem, and Change Management. - Strong verbal and written English communication skills. - Strong interpersonal and presentation abilities. ECI's culture emphasizes connection with clients, technology, and each other. The company offers a competitive compensation package and a dynamic work environment. If you are ready to share your technology passion and create your future with ECI, we invite you to apply for this exciting opportunity.,

You will be responsible for leading the DLP strategy and implementation efforts within the SOC environment using Akamai's security suite. This includes designing, configuring, and maintaining Akamai DLP and Web Application Firewall (WAF) policies to prevent unauthorized data exfiltration. Monitoring and analyzing DLP alerts, conducting investigations, and coordinating incident response activities will also be part of your key responsibilities. In this role, you will develop use cases and fine-tune detection rules to reduce false positives and improve detection efficiency. Collaboration with cross-functional teams such as IT, Legal, Compliance, and Data Governance will be essential to ensure data protection requirements are met. Additionally, you will be expected to generate reports and metrics for leadership on DLP effectiveness and security posture. Staying current with industry best practices, threat landscapes, and Akamai updates is crucial for this position. You will also be responsible for mentoring SOC analysts and providing technical leadership on DLP and data protection initiatives. This is a full-time position with benefits including health insurance and Provident Fund. The work schedule is during day shift hours and the work location is in person. As part of the application process, you will be required to provide information on your current CTC, expected CTC, and notice period. The desired experience for this role is a minimum of 2 years in DLP/Akamai. If you are a proactive individual with a strong background in DLP and Akamai technologies, this role offers an opportunity to lead strategic initiatives and contribute to the overall security posture of the organization.,

As an Intelligence Analyst at Fortinet, you will be part of the Cyber Threat Intelligence (CTI) Collections/Analysis team, a dedicated group of skilled analysts, collectors, and specialists committed to safeguarding customers and their assets from external threats. Leveraging our advanced hybrid intelligence platforms and methodologies, your primary role will involve utilizing your writing and editing abilities to contribute to the generation of actionable intelligence for our client base. This includes assessing existing and emerging threats related to cybercrime and various forms of malicious exploitation. Your responsibilities will include monitoring and analyzing cybersecurity events, incidents, and vulnerability reports sourced from multiple outlets. You will be involved in reviewing and interpreting data from various sources such as OSINT, Darknet, and TECHINT. Collaborating closely with the Internal Research team, you will help identify threats specific to individual customers and create tailored analytical reports based on your findings. Additionally, you will be responsible for producing regular Security Trend reports using information from the internal threat repository and collaborating with customer points of contact to understand their threat landscape and customize service delivery accordingly. Furthermore, you will play a crucial role in monitoring, analyzing, and reporting on cybersecurity events, intrusion events, security incidents, and other indicators of potential threats. Adhering to operational security best practices is essential to safeguard sources and methods effectively. To excel in this role, you should possess strong fundamentals in Information Security, a solid understanding of Cyber Threat Intelligence, and the ability to produce high-quality Security Analysis reports. Your skill set should include the capacity to comprehend and analyze various threat vectors proficiently, along with knowledge of cyber threats, malware, APTs, exploits, etc. Familiarity with the DarkNet, DeepWeb, as well as open-source, social media, and other platforms of cyber-criminal activity is highly beneficial. Strong communication skills in English, along with the ability to engage effectively with diverse clients and articulate technical details clearly and concisely, are essential. A willingness to learn new technologies and skills, adapt to evolving circumstances, and innovate as needed is paramount. Previous experience in a Security Operations Center (SOC) environment or Cyber Crime Research will be advantageous, although not mandatory. Possession of certifications such as CEH, OSCP, or other cybersecurity credentials is a plus, while programming/scripting knowledge would be considered an additional asset. Maintaining the utmost discretion and confidentiality is crucial in this role. Proficiency in languages such as English, Hindi, and any other international languages like Arabic, Russian, Japanese, Chinese, German, or Italian would be advantageous.,