To perform this job successfully, an individual must be able to perform each essential duty satisfactorily.
The requirements listed below are representative of the knowledge, skill, and/or ability required.
Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Lead the analysis and investigation of information security events (IDS/DLP/SIEM/etc.) in a 24x7 SOC environment to detect, verify, and respond swiftly to cyber threats, and to eliminate false positives.
Serve as a technical point of escalation and provide mentoring for L1 Security Operations Center (SOC) analysts.
Responsible for investigating incidents, analyzing attack methods, researching new defense techniques and tools, developing security policy, and documenting procedures for the SOC.
Should be familiar with the attack vectors and threat research required to develop detection use cases in collaboration with the Engineering team.
Maintain baselines for secure configuration and operations.
Perform malware analysis and other attack analysis to extract indicators of compromise. Perform security event correlation across data from various systems.
Prepare reports, summaries, and other forms of communication that may be both internal and client facing.
Maintain familiarity with industry trends and security best practices.
Ensure SLA compliance, process adherence, and process improvement to achieve operational objectives.
To be a great candidate, you must:
Bachelor's degree in Computer Science or Information Systems, and 3-5 years of work experience in a relevant role, e.g., SOC Analyst, Incident Response, Cybersecurity Threat Analyst.
Attention to detail in conducting analysis, combined with the ability to accurately record full documentation in support of your work.
Excellent oral and written communication skills.
Experience with event analysis leveraging the tools listed below:
Next-generation SIEM: ELK, Splunk, and Microsoft Sentinel
EDR tools: SentinelOne, Microsoft Defender, Carbon Black
IPS
Firewall
DLP
O365 e-mail security
Azure security
CEH and Security+ certifications are an advantage.
Problem solving and troubleshooting skills with the ability to exercise mature judgment.