SOC Analyst - Qatar/Anywhere in India/Multiple Locations - BRISKWIN IT SOLUTIONS PRIVATE LIMITED


    2 weeks ago

    permanent Technology / Internet
    Description
    Job Title: SOC Analyst - Senior


    Location:

    QATAR
    Arabic language is a must

    Experience: 13+ Years

    Key Responsibilities

    • Monitor and analyze cyber security events using SIEM and other tools.
    • SOAR experience to design and configure automation and workbooks.
    • Use case management (alerts and reports) for SIEM tools such as MS Sentinel, QRadar and others, as per industry best practices.
    • Monitor EDR to detect and investigate suspicious activities across all products.
    • Monitor shadow IT for external threats and data exfiltration.
    • Provide analysis and trending of security log data from many heterogeneous IT security devices.
    • Perform continuous threat hunting and liaise with the relevant team in case of a suspected incident.
    • Provide threat and vulnerability analysis as well as security advisory services.
    • Analyze and respond to previously undisclosed software and hardware vulnerabilities.
    • Investigate, document, and report on Cybersecurity issues and emerging trends.
    • Review the SOC Analyst ticket queue; review, close or reassign tickets as needed.
    • Create/review/modify documentation as needed, including any process or procedure, to ensure it is up to date and standard.
    • Provide analytical feedback on network traffic patterns.
    • Provide analytical feedback related to malware and other network threats.
    • Understand information security policies and best practices in environments.
    • Provide technical support within the Security Incident and Event Management team to assist in the investigation and remediation of security incidents.
    • Escalate incident remediation changes with other business units, vendors, and customers, adhering to a predefined ITIL change management framework.
    • Where necessary, liaise and work with Professional Services Engineers and Solutions Architects around incident investigation and reporting.
    • Maintain detailed knowledge of the environment(s), where applicable, by maintaining and updating relevant documentation such as Network Diagrams, Configuration and Asset Databases along with process and procedural documentation.
    • Change management calendar updates/closures.
    • Monthly SOC Reports.
    • SOC White Board daily/weekly updates.
    • Conduct security assessments regularly to identify vulnerabilities and perform risk analysis.
    • Document incidents to contribute to incident response and disaster recovery plans.
    • In the case of third-party vendors, verify their security strength and collaborate with them.
    • Analysis of phishing emails reported by internal end users.
    • Excellent understanding of application layer attacks, network level attacks, zero-day attacks etc.

    • Excellent understanding of kill chain, attack life cycle.
    • Perform other duties as requested to meet the ongoing organizational needs.

    Skills & Requirements:

    • Requires a Bachelor's degree in Computer/IT engineering or a related field.


    • Professional Certifications

    • SOC Analyst (CSA, CompTIA CySA+ etc.), CEH.
    • SIEM Solution (Azure Sentinel, QRadar etc.).
    • Threat Intelligence and Threat Hunting.
    • English language skills (reading, speaking, writing, and listening).
    • Good communication skills and teamwork