Job Description
Position: L3 SOC Monitoring Analyst
Reports to: SOC Lead
Department: Information Security
Status: Exempt
Location: TBD
POSITION SUMMARY:
The Level Three SOC Monitoring analyst will fit into a global team providing 24/7 monitoring, reviewing asset discovery and vulnerability assessment data. The L3 Analyst is expected to explore ways to identify stealthy threats that may have found their way inside the network, without detection using the latest threat intelligence tools.
POSITION RESPONSIBILITIES:
- Performs advance analysis using a variety of tools and techniques to investigate, navigate, correlate, and understand security incidents
- Perform/review incident investigation and prepare analysis reports, categorize incidents, update incident ticket and actions performed
- RCA preparation and review of security incidents
- Create weekly reports for management showing the health and effectiveness of security monitoring tools
- Support SIEM and monitoring tools administration if required
- Deep investigation of incidents to work with Global SOC and SIRT
- Responsible to keep asset inventory up to date
- Reviews asset discovery and vulnerability assessment data to identify security issues/incidents
- Provide recommendations on how to improve our security posture from the technical perspective
Educational Requirements:
- Bachelor s degree or equivalent working experience
- Desired Certifications:
- Cisco CCNA Security or Cyber Ops
- EC Council (CEH or Incident Handler)
- GIAC related certifications
- Cloud Security
Required Skills and Abilities:
- 6+ years previous working experience in a SOC or Cyber Security
- Knowledge of various operating systems
- Prior experience in detecting, analyzing and investigating security incidents
- Excellent experience in threat intelligence, network forensics
- Strong, verbal, and written communication, facilitation, and interpersonal skills
- Required Experience in administrating or monitoring detection/security tools:
- SIEM
- EDR
- Endpoint Protection
- IPS/IDS
- DLP
- Cloud Security (GCP. AWS, Azure)
- Identity and Access Management
- Firewalls and Networking
- Good understanding of security and incident response activities
- Core understanding of possible attacks activities such as network probing/scanning, DDOS, etc.
- Good understanding of vulnerability assessment tools
- Good networking understanding
- English proficiency (written and oral)
- Ability to complete tasks and deliver on time, and good interaction with other teams
- Self-Motivated, curious, and knowledgeable pertaining to news and current information security trends and news.
- Desired hands-on experience on:
- McAfee SIEM/Nitro
- Sumo Logic
- Cisco (ASA, Firepower, IDS,e etc.)
- Tanium
- Crowdstrike or any other EDR
- Palo Alto
- Cloud Computing such as AWS, GCP or Azure
- Proofpoint
Supervisory Responsibility: NA
Travel Requirements: NA
Work Conditions: General office environment; Remote will be considered.
The preceding description and functions is a summary of principal responsibilities, and may not be comprehensive in scope regarding work performed by an employee assigned to this position classification. Management reserves the right to add, modify, change or rescind the work assignments of this position. Management also reserves the right to make reasonable accommodations so that a qualified employee(s) can perform the essential functions of the position.
Does your profile matches to above Job description and looks exciting Then look no further and share your resume to Ar*****s@***.ai
,
Employement Category:
Employement Type: Full time
Industry: IT - Software
Role Category: Operations Management / Process Analysis
Functional Area: Not Applicable
Role/Responsibilies: Monitoring Analyst
Contact Details:
Company: 24 7 Customer
Location(s): Bengaluru