SOC | Analyst L1
Job details
Job description, work day and responsibilities
Full Job Description
Location : Delhi, NCR.
Educational Background :
Bachelor's degree (or equivalent) preferred in Computer Science, Information Systems or related fields
Certifications :
Possession of industry certifications highly preferred including, but not limited to, Certified Information Systems Security Professional (CISSP) and SANS GIAC.
Experience :
1 year's experience working in IT/InfoSec engineering and operations
Primary Duties :
First line of response: monitor alerts, resolve incidents raised by triggered events, and escalate according to procedure (MONITORING). Review false positives and ensure the right alerts are being reviewed (MONITORING). Investigate and find the root cause of these issues.
Technical Skills Required :
24x7 Active monitoring of Security events using SIEM (based on standard operating procedure)
(INVESTIGATING) Intrusion Detection System (IDS) monitoring, incident response, computer security best practices, system hardening, vulnerability assessment and vulnerability management.
(MONITORING) SIEM: utilize the logging tool for monitoring, correlating and analyzing security events. (OPERATIONS) Analyze and triage remediation of threats, including malware, detected across all endpoints.
Antivirus Management.
DLP Event monitoring and management
Handling End Users requests on Content Filtering using Websense for blocking and unblocking URL.
Performing data classification using Seclore based on the standard operating procedure
Handling End Users requests on CyberArk based on standard operating procedure.
Security Event Identification, Analysis, Mitigation and notifications.
Handling End Users requests on encryption using Symantec PGP based on standard operating procedure
Performance, health, and latency monitoring of Security devices.
Defining new and tuning existing security controls (correlation rules) on the SIEM so that alerts are actionable.
Recommendations on tuning the security incident management process and procedures
Executive Security Dashboard for Clients Leadership Team.
Coordination with Clients team on incident escalations.
Daily and Weekly Security status report to Clients Technical Team.
Monthly Security Status report to Clients Leadership Team
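The "define and tune correlation rules" and "review false positives" duties above are easiest to see in code. The following is an added example written for this page, not code from the employer or from any SIEM product: a toy correlation rule in Python (the language is my choice; an L1 analyst would normally express this in the SIEM's own rule language) that flags a source which fails to authenticate several times and then succeeds, with an allowlist as the tuning knob for sources that triage has confirmed benign. The sshd-style log lines, hostnames and IP addresses are constructed for the example; the function names are hypothetical.

```python
"""Toy SIEM-style correlation rule: failed-then-successful logins from one source.

Added example for the duties listed above. The log lines, IP addresses, hostname
and the allow-listed scanner address are all constructed for this example; they
are not taken from any real environment.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample: sshd-style auth log lines (not real data).
SAMPLE_LOG = """\
2024-03-01T09:00:01 host1 sshd[101]: Failed password for invalid user admin from 203.0.113.5 port 51000 ssh2
2024-03-01T09:00:03 host1 sshd[102]: Failed password for root from 203.0.113.5 port 51001 ssh2
2024-03-01T09:00:05 host1 sshd[103]: Failed password for root from 203.0.113.5 port 51002 ssh2
2024-03-01T09:00:06 host1 sshd[104]: Failed password for root from 203.0.113.5 port 51003 ssh2
2024-03-01T09:00:09 host1 sshd[105]: Accepted password for root from 203.0.113.5 port 51004 ssh2
2024-03-01T09:10:00 host1 sshd[201]: Failed password for alice from 198.51.100.7 port 40000 ssh2
2024-03-01T09:10:04 host1 sshd[202]: Accepted password for alice from 198.51.100.7 port 40001 ssh2
2024-03-01T09:20:00 host1 sshd[301]: Failed password for svc from 192.0.2.99 port 30000 ssh2
2024-03-01T09:20:01 host1 sshd[302]: Failed password for svc from 192.0.2.99 port 30001 ssh2
2024-03-01T09:20:02 host1 sshd[303]: Failed password for svc from 192.0.2.99 port 30002 ssh2
2024-03-01T09:20:03 host1 sshd[304]: Failed password for svc from 192.0.2.99 port 30003 ssh2
2024-03-01T09:20:05 host1 sshd[305]: Accepted password for svc from 192.0.2.99 port 30004 ssh2
"""

# Matches both "Failed password for root from ..." and "... for invalid user admin from ...".
LINE_RE = re.compile(
    r"^(?P<ts>\S+) \S+ sshd\[\d+\]: (?P<outcome>Failed|Accepted) password for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<src>\S+) port \d+"
)


def parse_auth_log(text):
    """Return (timestamp, src_ip, user, outcome) tuples; lines that do not match are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            events.append((datetime.fromisoformat(m["ts"]), m["src"], m["user"], m["outcome"]))
    return events


def brute_force_success_rule(events, threshold=3, window=timedelta(minutes=5), allowlist=frozenset()):
    """Alert when a source has >= threshold failures within `window` before a success.

    `allowlist` is the tuning knob: sources that a false-positive review has confirmed
    as benign (e.g. an authorised credential-audit scanner, hypothetical here) are
    suppressed so that every alert the rule emits is worth an analyst's time.
    """
    failures = defaultdict(list)  # src_ip -> timestamps of failures not yet followed by a success
    alerts = []
    for ts, src, user, outcome in sorted(events):
        if src in allowlist:
            continue
        if outcome == "Failed":
            failures[src].append(ts)
            continue
        # A success: count only the failures that fall inside the correlation window.
        recent = [t for t in failures[src] if ts - t <= window]
        if len(recent) >= threshold:
            alerts.append({"src": src, "user": user, "failures": len(recent), "success_at": ts.isoformat()})
        failures[src] = []  # a success closes the sequence for this source
    return alerts


if __name__ == "__main__":
    evs = parse_auth_log(SAMPLE_LOG)
    for alert in brute_force_success_rule(evs):
        print("untuned:", alert)
    # After triage confirms 192.0.2.99 as the scheduled scanner, suppress it.
    for alert in brute_force_success_rule(evs, allowlist=frozenset({"192.0.2.99"})):
        print("tuned:  ", alert)
```

Run untuned, the rule fires on both 203.0.113.5 and 192.0.2.99; adding the confirmed-benign source to the allowlist leaves only the first, which is the kind of tuning an L1 analyst feeds back after a false-positive review. A single failure before success (198.51.100.7) never fires, because the threshold keeps ordinary mistyped passwords out of the queue.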
Key Responsibilities :
BE/B.Tech/MCA with a minimum of 4 to 8+ years of experience in the field of IT Security
Experience with one or more SIEM/security solutions (e.g. Splunk ES, Elastic ELK, HP ArcSight, IBM QRadar, LogRhythm)
Familiarity with security analysis of critical system logs and of network data such as network flow records and full packet capture
In-depth knowledge of technical approaches in security analytics, monitoring and alerting
Maintains technical knowledge within areas of expertise
Other Skills :
Good communication, coordination and interaction skills
Vendor Management and escalation handling with Vendors
Self-motivated and possessing a high sense of urgency and integrity
Offer ID: #769300,
Published: 2 weeks ago,
Company registered: 2 years ago