
SOC Analyst Full-time Job

Category: Information Technology | Location: Pune
Job Details

The primary function of the Security Analyst is to analyse any incidents escalated by the Level 1 Security Engineer and undertake the detailed investigation of the security event. The Security Analyst determines whether the security event is classified as an incident, and coordinates with the customer's IT and security teams for resolution of the security incident.

This role reports to the SOC Team Lead.

Responsibilities

  • Escalate validated and confirmed incidents to the designated incident response team.
  • Notify the client of the incident and the required mitigation work.
  • Fine-tune SIEM rules to reduce false positives and remove false negatives.
  • Collect global threat intelligence and internal threat information, then initiate actions based on analysis and recommendations.
  • Proactively research and monitor security information to identify potential threats that may impact the organization.
  • Develop and distribute information and alerts on required corrective actions to the organization.
  • Learn new attack patterns and actively participate in security forums.
  • Work closely with Vulnerability Management and the designated incident response team.
  • Understand the structure and meaning of logs from different log sources such as firewalls, IDS, Windows domain controllers, Cisco appliances, AV and anti-malware software, email security, etc.
  • Understand the subject of Carbon Black alarms. Perform ad-hoc training for L1 analysts.
  • Perform threat intel research.
  • Ability to run and understand sandbox static analysis.
  • Open and update incidents in SecurityHQ (ITSM platform) to report the alarms triggered or threats detected. For each incident on SecurityHQ, the analyst should properly include all details related to the logs, alarms and other indicators identified, in accordance with the intervention protocol of each client and the SLA.
  • Track and update incidents and requests based on the client's updates and analysis results.

Essential Skills

  • Knowledge and hands-on experience of implementation and management of IDS/IPS, firewalls, VPNs, and other security products.
  • Experience with Security Information and Event Management (SIEM) tools, creating advanced correlation rules, SIEM administration, system hardening, and vulnerability assessments.
  • Expertise in TCP/IP network traffic and event log analysis.
  • Knowledge and hands-on experience with LogRhythm, QRadar, ArcSight, McAfee ePO, NetIQ Sentinel or any SIEM tool.
  • Knowledge of ITIL disciplines such as Incident, Problem and Change Management.
  • Configuration and troubleshooting experience on Check Point, Cisco, FortiGate, Palo Alto and SonicWall firewalls would be an added advantage.

Additional Desired Skills

  • Strong verbal and written English communication.
  • Strong interpersonal and presentation skills.
  • Ability to work with minimal levels of supervision.
  • Willingness to work in a job that involves 24/7 operations.

Education Requirements & Experience

  • Bachelor's in Computer Science/IT/Electronics Engineering, M.C.A. or equivalent university degree.
  • Minimum of 4 to 5 years of experience in the IT security industry, preferably working in a SOC/NOC environment.
  • Certifications: CCNA, CCSP, CEH

Company Description
"SecurityHQ prides itself on its global reputation as an advanced Managed Security Service Provider, delivering superior engineering-led solutions to clients around the world. By combining dedicated security experts, cutting-edge technology and processes, clients receive an enterprise grade experience that ensures that all IT virtual assets, cloud, and traditional infrastructures, are protected."