SOC Analyst

SOC Analyst

Experience Range: 4 -6 Years

Location: Bangalore

Key responsibilities

• Operate within a fast-paced 24x7 SOC environment, either as part of a team or independently, to Analyse alerts and log data promptly and effectively. Assess the severity and impact of potential threats to accurately prioritize alerts and incidents.
• Monitor and analyze security information and event management (SIEM) tools and other security monitoring systems to identify potential security incidents and anomalies.
• Conduct in-depth analysis of security events, collaborating directly with customers to escalate and thoroughly investigate incidents. This involves understanding the scope, impact, and root cause of incidents to tailor the response effectively.
• Execute swift containment and remediation measures for identified security incidents, employing predefined response strategies to isolate affected systems and prevent further compromise.
• Proactively participate in the creation and enhancement of processes and procedures such as Security Playbooks.
• Refine and optimise analytical rules within the SIEM platform to reduce false positive alerts, enhancing the accuracy and efficiency of threat detection.
• Assist in vulnerability assessments and penetration testing activities. Evaluate and prioritise identified vulnerabilities for remediation by collaborating directly with customers.
• Maintain accurate records of incidents, investigations, and security-related activities within the incident management platform.
• Create detailed reports on security incidents, response actions taken, and recommendations for improvement.
• Research new concepts and present them to the internal team as well as customers.

Required skills:

• Excellent English written and verbal communication skills.
• Prior experience working within a 24x7 Security Operations Centre (SOC).
• Security monitoring experience with one or more SIEM technologies, preferably Microsoft Sentinel.
• Knowledge of EDR solutions including Microsoft Defender and CrowdStrike Falcon.
• Strong understanding of Windows, Linux and cloud technologies including Microsoft Azure and Office365.
• Good understanding of security solutions including SIEMs, Web Proxies, Anti-Virus, Firewalls, VPN, authentication providers and mechanisms, encryption, IPS/IDS.
• Strong understanding of networking principles including TCP/IP, WANs, LANs, and commonly used Internet protocols.

Requirements

• Degree in Computer Science, Information Security, or a related field – Must have.
• SC-200 Microsoft Security Operations Analyst – Must have.
• AZ-500 Microsoft Azure Security Technologies – Desirable.
• CompTIA Security+ SY0-601 – Desirable.
• Certified Ethical Hacker (CEH) – Desirable.
• GIAC Security Essentials (GSEC) – Desirable.
• GIAC Certified Incident Handler (GCIH) – Desirable.