No more applications are being accepted for this job
- Monitoring and analysis of cyber security events with the use of (SIEM) and other tools.
- SOAR experience to Design and configure automation and workbooks.
- SIEM as MS sentinel and Qradar and other tools use case management (alerts and reports) as per industry best practices.
- Monitor EDR to detect and investigate suspicious activities across all products.
- Monitor shadow IT for external threats and data exfiltrate.
- Provide analysis and trending of security log data from many heterogeneous IT security devices.
- Continuous threat hunting and liaise with the relevant team in case suspected incident.
- Provide threat and vulnerability analysis as well as security advisory services.
- Analyze and respond to previously undisclosed software and hardware vulnerabilities.
- Investigate, document, and report on Cybersecurity issues and emerging trends.
- Review SOC Analyst ticket queue, review tickets, closure or reassignment as needed.
- Create/review/modify documentation as needed, to include any process or procedure and thus ensure its up to date and standard.
- Provide analytical feedback on network traffic patterns.
- Provide analytical feedback related to malware and other network threats.
- Understand information security policies and best practices in environments.
- Provide technical support within the Security Incident and Event Management team to assist in the investigation and remediation of security incidents.
- Escalate incident remediation changes with other business units, vendors, and customers, adhering to a predefined ITIL change management framework.
- Where necessary, liaise and work with Professional Services Engineers and Solutions Architects around incident investigation and reporting.
- Maintain detailed knowledge of the environment(s), where applicable, by maintaining and updating relevant documentation such as Network Diagrams, Configuration and Asset Databases along with process and procedural documentation.
- Change management calendar updates/closures.
- Monthly SOC Reports.
- SOC White Board daily/weekly updates.
- Conduct security assessments regularly to identify vulnerabilities and performing risk analysis.
- Document incidents to contribute to incident response and disaster recovery plans.
- In the case of thirdparty vendors, verify their security strength and collaborate with them.
- Analysis of phishing emails reported by internal end users.
- Excellent understanding of kill chain, attack life cycle.
- Perform other duties as requested to meet the ongoing organizational needs.
- Requires Bachelor's degrees in Computer/IT engineering or related field.
- Professional Certifications
- SOC Analyst (CSA, CompTIA CySA+ etc.), CEH.
- SIEM Solution (Azure Sentinel, Q-Radar etc.).
- Threat Intelligence and Threat Hunting.
- English language skills (reading, speaking, writing, and listening).
- Good communication skills and teamwork
SOC Analyst - Qatar/Anywhere in India/Multiple Locations - BRISKWIN IT SOLUTIONS PRIVATE LIMITED
BRISKWIN IT SOLUTIONS PRIVATE LIMITED
Qatar/Anywhere in India/Multiple Locations
2 weeks ago
Description
JOB TITLE SOC Analyst - SeniorLocation:
QATAR
Arabic language must
Experience: 13+ Years
Key Responsibilities
Skills & Requirements :