'Indeevaram', Infopark Thrissur, Koratty, Thrissur Kerala, India – 680308 Ph : +91 - 487 - 2970 700
SOC Analyst L1 Team Lead
· Always ensure the confidentiality and protection of sensitive customer data.
· Create and review SOPs for incident handling and response.
· Assist the SOC Manager in the development and execution of SOC processes and procedures.
· Oversee the creation of reports, dashboards and metrics for SOC operations and their presentation to the customer.
· Ensure SLA compliance, process adherence and process improvement to achieve operational objectives.
· Plan and define the shift roster for security event monitoring.
· Ensure, on a weekly basis, compliance with the SOC processes defined for incident identification, assessment, quantification, reporting, communication, mitigation and monitoring.
· Take primary responsibility for the administration and monitoring of the SOC ticketing tool.
· Provide incident response, investigation and remediation support for security alerts and incidents escalated by the L2 team.
· Provide technical support to the forensics (DFIR) team, including evidence seizure, computer forensic analysis and data recovery, in support of computer crime investigations.
· Provide technical support to the Engineering team for customer SIEM operations and use case fine-tuning.
· Research emerging threat sources and develop threat profiles; stay current on the latest cyber security threats.
· Demonstrate strong analytical ability and attention to detail, with a broad understanding of all stages of incident response.
Experience / Job Competencies / Success Factors:
· 5+ years of technical experience working in a SOC and cyber security incident response team.
· Professional experience working with sensitive or confidential information in a work environment.
· Mastery of incident handling methodologies such as NIST SP 800-61, with demonstrable experience in conducting incident response operations.
· In-depth knowledge of security concepts such as cyber-attack techniques, threat vectors, risk management and incident management.
· Knowledge of different types of cyber security and data security attacks, such as ransomware, phishing and data leakage.
· In-depth understanding of threat-based IS/IT security, the latest security technologies and concepts, threat management, and incident and vulnerability handling.
· Experience with and a keen understanding of cyber security tools and devices, including SIEM, IDS/IPS, antivirus and endpoint detection and response (EDR) solutions.
· Effective communication skills and the ability to present information to a wide variety of internal stakeholders, including senior leadership.
· Customer-facing, with good report-writing skills and strong communication skills at all levels.
· Knowledge of frameworks such as MITRE ATT&CK, the Cyber Kill Chain and STRIDE.
· Experience in threat management.
· Knowledge of and expertise with various operating systems, including but not limited to Windows, Linux and Unix.
· Solid scripting knowledge and experience with Bash, PowerShell, regular expressions and the like.
· Knowledge of applications, databases and middleware sufficient to address security threats against them.
· Understanding of operating system, web server, database and security device (firewall/NIDS/NIPS) logs and log formats.
Education Qualification Requirements:
· Any bachelor’s degree in Computer Science or Information Security.
· Priority for B.Tech (Computer Science/IT/Electronics/Communication Engineering).
· Mandatory: GCIH/GCFA/GIAC Certified Intrusion Analyst.
· Mandatory: SIEM product certification (Microsoft Security Operations Analyst).
Please apply to