Job Detail

SOC Analyst L2 - ValueMentor

Date Posted: Apr 20, 2022

  • Location:
    Thrissur, Kerala, India
  • Company:
    ValueMentor
  • Type:
    Full Time/Permanent
  • Shift:
    First Shift (Day)
  • Career Level:
    Experienced Professional
  • Positions:
    1
  • Experience:
    4 Year
  • Gender:
    No Preference
  • Degree:
    Bachelors
  • Apply Before:
    Jun 30, 2022

Job Description

We are hiring a SOC Analyst L2 for our office located in Infopark, Koratty, Thrissur.

Responsibilities:

  • Validate the incidents reported by SOC L1 analysts/operators. The standard SLA for each incident validation is 30 minutes.

  • Responsible for incident investigation, evidence collection, diagnosis and recovery within the defined SLA, and for closing incidents.

  • Understand information security policies and procedures defined in customer environments.

  • Troubleshoot and fine-tune the SIEM platform.

  • Interact with the concerned external parties/clients to resolve queries related to the incidents raised.

  • Communicate with external teams/clients to ensure proper incident resolution.

  • Manage the SIEM incidents knowledge base.

  • Create report templates in the SIEM tool as defined by SOC lead.

  • Generate the daily reports, weekly reports, and monthly reports on time.

  • Maintain the timely delivery of reports.

  • Provide shift hand over reports as per defined template.

  • Ensure confidentiality and protection of sensitive data.

  • Educate and mentor the L1 team.

  • Provide technical and functional support to L1 Team with analytical feedback.

  • Identify any intrusion attempts missed by SOC L1 analysts/operators.

  • Support any duties directed from the SOC lead.

  • Perform use-case testing and review, and retire obsolete use cases.

  • Inform SOC lead of proactive and reactive actions to ensure adherence to security policy.

  • Review and understand collected metrics from monitoring systems and be aware of patterns and anomalies.

  • Highlight gaps in SOPs to SOC lead.

  • Escalate non-standard incidents to the SOC lead.

Experience / Job Competencies / Success Factors:

  • 1+ years' experience in Azure Sentinel.

  • 3+ years' technical experience working as a SOC analyst and/or in a cyber security incident response team.

  • Skills and knowledge in programming/query languages (shell script, PowerShell and Python for automation; KQL, AQL, etc. for log analysis).

  • Ability to analyze captured data to perform incident response and identify potential compromises to customer networks.

  • Solid understanding of the TCP/IP protocol suite, security architecture, and remote access security techniques/products.

  • Experience analyzing both log and packet data using standard tools such as Wireshark, tcpdump and other capture/analysis tools.

  • Ability to perform network-based forensics and log analysis.

  • Strong understanding of incident response methodologies and technologies.

  • Experience with log management and/or SIEM technologies such as Azure Sentinel, Splunk, ArcSight, LogRhythm, LogPoint and the like.

  • Malware analysis and reverse engineering is a plus.

  • Knowledge and skills in analysis and log correlation to identify intrusions.

  • Must be reliable and able to function as part of a 24x7 operations center.

  • Strong communication and presentation skills.

  • Excellent written and verbal English communication skills are required.

  • Must be a strong team player with self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance, and professionalism.

  • Demonstrated analytical and problem-solving skills.

  • Awareness of frameworks such as MITRE ATT&CK and NIST and how they can be applied effectively within an enterprise.

  • Understanding of tools that can assist in investigations, such as VirusTotal, passive DNS and WHOIS.

  • Knowledge of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise Anti-Virus/EDR/EPP/XDR/NDR products.

Education Qualification Requirements:

  • Any bachelor's degree in computer science.

  • Preference given to B.Tech (Computer Science/IT/Electronics/Communication Engineering).

  • Mandatory: CEH/CySA+/CHFI (any 2 will do).

  • Desirable: SIEM product certifications / GCIH / GCFI / SANS certifications in DFIR.

Company Overview

Thrissur, Kerala, India

ValueMentor is a leading cyber security service provider with customers in the USA, UAE, UK, India, Bahrain, Saudi Arabia, Kuwait, Oman, Qatar and Uganda. We enable clients to reduce risk by taking a strategic approach to cybersecurity. We help you align yo...