'Indeevaram', Infopark Thrissur, Koratty, Thrissur Kerala, India – 680308 Ph : +91 - 487 - 2970 700
• Provide Monitoring and Analysis support of computer security events.
• Monitor SIEM Dashboards
• Understand and Detect Cyber Security Events
• Perform initial triage
• Perform Incident Analysis
• Raise incidents and perform mitigation with the help of asset owners.
• Validate and report efficacy of SIEM Rules.
• Report computer security events, in accordance with established processes and procedures.
• Perform role of Level 2.
• Requires working on a shift basis (SOC operations run on a 24x7 basis)
Experience / Job Competencies / Success Factors:
• 1-2 years of technical experience working in a SOC and in cyber security incident response
• Experience with the AlienVault/QRadar Security Information and Event Management (SIEM) solution.
• In-depth understanding of security threats (preferably OWASP Top 10 vulnerabilities), threat attack methods and the current threat environment
• Understanding of common attacks (e.g. brute force, SYN flood, session hijack, smurf etc.) and their SIEM signatures.
• Experience in security monitoring, Incident Response (IR), security tools configuration and security remediation
• Must have excellent troubleshooting and analytical skills.
• Must be able to multitask in a fast-paced environment.
• Understanding of network protocols (TCP/IP stack, SSL/TLS, IPSEC, SMTP/IMAP, FTP, HTTP etc.)
• Understanding of Operating System, Web Server, database and Security devices (firewall/NIDS/NIPS) logs and log formats.
• Understanding of string parsing and regular expressions.
Educational Qualification Requirements:
• B.Tech (Computer Science/IT/Electronics/Communication Engineering) with min 60 marks or 6.0 CGPA
• Mandatory: CEH/CCNA/CHFI (any 1 will do)
• Desirable: SIEM Certification (QRadar, AlienVault)