SOC Analyst
• Description:
o Acknowledge, analyse, and validate incidents triggered from correlated events through SIEM solution
o Acknowledge, analyse, and validate incidents received through other reporting mechanisms such as email, phone calls, management directions, etc.
o Collection of necessary logs that could help in the incident containment and security investigation
o Escalate validated and confirmed incidents to SOC Lead
o Undertake first stages of false positive and false negative analysis
o Understand the structure and the meaning of logs from different log sources such as FW, IDS, Windows DC, Cisco appliances, AV and antimalware software, email security etc.
o Open incidents in ITSM Platform to report the alarms triggered or threats detected.
o Analyst should properly include for each incident on SIEM all details related to the logs, alarms and other indicators identified in accordance with the intervention protocol and the SLA.
o Track and update incidents and requests based on client’s updates and analysis results
o Report infrastructure issues to the IT support team.
o Other duties related to the position
• Essential Skills:
o Knowledge and hands-on experience in the management of McAfee EDR, CrowdStrike, ENS, DLP, CASB and other security products
o Experience in Security Information and Event Management (SIEM) tools like LogRhythm and McAfee, creation of basic correlation rules, and administration of SIEM
o Should have expertise in TCP/IP network traffic and event log analysis
o Knowledge of ITIL disciplines such as Incident, Problem and Change Management
• Expectations:
o Experience: 0 - 4 years. The SOC Engineer will be responsible for monitoring, reporting, and escalating events to our SOC Manager.
o The primary function of this position is to monitor the analytics tools, perform alert management, and carry out initial incident qualification.
o This role reports to the SOC Manager.
o Bachelor’s degree with CEH certification
o Joining time / Notice Period: Immediate joining
o Shift Timings: Rotational Shifts (100% working from Bangalore office)
• 3 must-haves (required proficiency out of 5):
o SIEM: 4/5
o Networking: 4/5
o ITSM: 3/5