Security Associate
11 months ago | Information Technology | Pune | Reference: 20150
We’re searching for a Security Associate for our SOC Monitoring team to assist our 24×7 managed security operations center. The position would comprise the following:
- Undergoing training for 6 months to learn security monitoring concepts, primary analysis of the logs, network concepts, handling customer calls, etc.
- Assisting our security engineers in their day-to-day functions as detailed within the Responsibilities section of this document.
- This role reports to the SOC Team Lead.
- Acknowledge, analyse and validate incidents triggered from correlated events through the SIEM solution.
- Acknowledge, analyse and validate incidents received through other reporting mechanisms such as email, phone calls, management directions, etc.
- Collection of necessary logs that could help in the incident containment and security investigation.
- Escalate validated and confirmed incidents to SOC Analyst.
- Undertake first stages of false positive and false negative analysis.
- Understand the structure and the meaning of logs from different log sources such as FW, IDS, Windows DC, Cisco appliances, AV and antimalware software, email security etc.
- Understand the subject of Carbon Black alarms.
- Open incidents in SecurityHQ (ITSM Platform) to report the alarms triggered or threats detected. For each incident, the analyst should record in SecurityHQ all details related to the logs, alarms and other indicators identified, in accordance with each client's intervention protocol and the SLA.
- Track and update incidents and requests based on client’s updates and analysis results.
- Properly log client requests and change requests in SecurityHQ.
- Report infrastructure issues to the SecurityHQ support team.
- Report false positive alarms from Carbon Black and LogRhythm to L2 analysts.
- Generate weekly reports from the LogRhythm platform and send them to L2 for review.
- Other duties related to the position.
- Certifications: CCNA
- Should have knowledge of Linux and Windows.
Negotiable depending on experience
Additional Desired Skills
- CCNA Security
- Good communication skills
- Good analytical skills
- Quick learner
- Team player
Education Requirements & Experience
- B.E., MCA, BCA, or University degree equivalent
- No required work experience in the IT security industry
"SecurityHQ prides itself on its global reputation as an advanced Managed Security Service Provider, delivering superior engineering-led solutions to clients around the world. By combining dedicated security experts, cutting-edge technology and processes, clients receive an enterprise grade experience that ensures that all IT virtual assets, cloud, and traditional infrastructures, are protected."