To Learn & know more about Threat Intelligence visit our website – FirstHackersNews

SOC Level 2 Analyst

Start your journey with us!

Job Description:

We are looking for proactive, enthusiastic candidates to join our existing SOC team, which operates on a fully work-from-home (WFH) model. Our 24x7x365 SOC team handles clients across the globe, and we are seeking candidates with the qualifications below to fill our current positions.

  • The person in this role is expected to own and lead end-to-end security incident management: effectively lead the various incident management phases and create new SIEM rules, lists, queries, and use cases.
  • The L2 Analyst must work directly with SOC team members to deter, monitor, analyze, investigate, and respond to cyber security threats and network intrusions.
  • You will be primarily focused on analyzing security posture to identify and report weaknesses in a network's security system, preventing breaches through careful network monitoring and analysis.
  • Additionally, the SOC Level 2 Analyst will utilize threat intelligence and work with internal incident response team members to conduct threat hunting activities.
  • Identify, collect, analyze, and preserve digital evidence collected for an incident. Review investigation requests and determine the level of response required.
  • Utilizes the latest and most advanced knowledge of SOC technologies (SIEM, EDR/XDR/NDR, email security, AAD security, web application security, network security, log analysis, etc.) across various platforms (endpoints, servers, AWS/Azure/GCP cloud) and operating systems (Windows, Linux, UNIX, Mac, AIX, etc.) to support incident management.
  • Keeps up to date with the latest adversary TTPs in the industry and works closely with the Engineering team to ensure appropriate detection rules and containment processes are in place.
  • Comfortable working across various time zones to provide 24x7 SOC monitoring to our clients, initiate a war room whenever required, drive incidents effectively, and provide triage and remediation steps for various Azure products.
  • Ensures timely and effective reporting and customized communication of incident trends and metrics.
  • Be a very good team player and share lessons learned from incidents handled on a day-to-day basis across the team.

KEY REQUIREMENTS (Education, Work Experience & Skills)

  • Strong professional ethics, effective communication, email etiquette, and a very good team player
  • Hands-on experience with SOC technology: SIEM (Sentinel/Splunk/QRadar and other SIEMs)
  • Hands-on experience in EDR/XDR (Microsoft Defender for Endpoint/CrowdStrike/Carbon Black and others)
  • 3+ years of experience working in a Security Operations Centre with a Security Information & Event Management (SIEM) platform
  • Good understanding of network devices such as Intrusion Detection Systems (IDS)/Intrusion Prevention Systems (IPS), firewalls, and network packet capture tools.

DESIRABLE

  • Certified Ethical Hacker Certifications [CEH]
  • GIAC Certified Forensic Analyst (GCFA)
  • GIAC Certified Forensic Examiner (GCFE)
  • Certified Information Security Professional (CISP)

Category: Secure development
Workplace: Coimbatore