SOC Analyst 1 - Bengaluru

Bengaluru, India

1 month ago

₹600,000 - ₹1,800,000 (INR) per year *
* This salary range is an estimation made by beBee

Job summary

Candidates should have a minimum of 2 years of overall experience, including 1 year of relevant experience in Cyber Security Operations, covering the roles and responsibilities below.

Responsibilities

  • Acknowledge, analyse and validate incidents triggered from correlated events through the SIEM solution
  • Acknowledge, analyse and validate incidents received through other reporting mechanisms such as email, phone calls, management directions, etc.
  • Collection of necessary logs that could help in the incident containment and security investigation
  • Escalate validated and confirmed incidents to SOC Analyst
  • Undertake first stages of false positive and false negative analysis
  • Understand the structure and the meaning of logs from different log sources such as FW, IDS, Windows DC, Cisco appliances, AV and antimalware software, email security etc.
  • Understand the subject of EDR alarms
  • Open incidents in SecurityHQ to report the alarms triggered or threats detected. For each incident, the analyst should include in SecurityHQ all details related to the logs, alarms and other indicators identified, in accordance with the intervention protocol of each client and the SLA.
  • Track and update incidents and requests based on client updates and analysis results
  • Properly log client requests and change requests in SecurityHQ
  • Report infrastructure issues to the SHQ support team.
  • Report false positive alarms from EDR and SIEM to L2 SOC analysts
  • Generate weekly reports from the SIEM platform and send them to L2 SOC analysts for review
  • Other duties related to the position

Essential Skills

  • Experience in Security Information and Event Management (SIEM) tools, creation of basic correlation rules, and administration of SIEM
  • Should have expertise in TCP/IP network traffic and event log analysis.
  • Knowledge and hands-on experience in management of IDS/IPS, Firewall, VPN, and other security products.
  • Knowledge and hands-on experience in RSA or any other SIEM tool
  • Knowledge of ITIL disciplines such as Incident, Problem and Change Management.

Additional Desired Skills

  • Strong verbal and written English communication
  • Strong interpersonal and presentation skills
  • Ability to work with minimal levels of supervision
  • Willingness to work in a job that involves 24/7 operations

Academics

  • B.E / B.Tech in computers/ IT/ Electronics or
  • M.E / M.Tech in computers/ IT/ Electronics or
  • Post Graduation in computers/ IT/ Electronics
