L3 SOC Monitoring Analyst
- 24 7 ai
- 6 - 10 years
- Bengaluru
- 3 years ago
- Email to a friend
- Report this job
Job Description
The Level Three SOC Monitoring analyst will fit into a global team providing 24/7 monitoring, reviewing asset discovery and vulnerability assessment data. The L3 Analyst is expected to explore ways to identify stealthy threats that may have found their way inside the network, without detection using the latest threat intelligence tools.
POSITION RESPONSIBILITIES:
- Performs advance analysis using a variety of tools and techniques to investigate, navigate, correlate, and understand security incidents
- Perform/review incident investigation and prepare analysis reports, categorize incidents, update incident ticket and actions performed
- RCA preparation and review of security incidents
- Create weekly reports for management showing the health and effectiveness of security monitoring tools
- Support SIEM and monitoring tools administration if required
- Deep investigation of incidents to work with Global SOC and SIRT
- Responsible to keep asset inventory up to date
- Reviews asset discovery and vulnerability assessment data to identify security issues/incidents
- Provide recommendations on how to improve our security posture from the technical perspective
Educational Requirements:
- Bachelors degree or equivalent working experience
- Desired Certifications:
- Cisco CCNA Security or Cyber Ops
- EC Council (CEH or Incident Handler)
- GIAC related certifications
- Cloud Security
Required Skills and Abilities :
- 6+ years previous working experience in a SOC or Cyber Security
- Knowledge of various operating systems
- Prior experience in detecting, analyzing and investigating security incidents
- Excellent experience in threat intelligence, network forensics
- Strong, verbal, and written communication, facilitation, and interpersonal skills
- Required Experience in administrating or monitoring detection/security tools:
- SIEM
- EDR
- Endpoint Protection
- IPS/IDS
- DLP
- Cloud Security (GCP. AWS, Azure)
- Identity and Access Management
- Firewalls and Networking
- Good understanding of security and incident response activities
- Core understanding of possible attacks activities such as network probing/scanning, DDOS, etc.
- Good understanding of vulnerability assessment tools
- Good networking understanding
- English proficiency (written and oral)
- Ability to complete tasks and deliver on time, and good interaction with other teams
- Self-Motivated, curious, and knowledgeable pertaining to news and current information security trends and news.
- Desired hands-on experience on:
- McAfee SIEM/Nitro
- Sumo Logic
- Cisco (ASA, Firepower, IDS,e etc.)
- Tanium
- Crowdstrike or any other EDR
- Palo Alto
- Cloud Computing such as AWS, GCP or Azure
- Proofpoint
Supervisory Responsibility: NA
Travel Requirements: NA
Work Conditions: General office environment; Remote will be considered.
Job Classification
Industry: Software ProductFunctional Area: IT & Information Security,
Role Category: IT Security
Role: IT Security
Employement Type: Full time
Education
Under Graduation: Any GraduatePost Graduation: Any Postgraduate
Contact Details:
Company: 24 7 aiLocation(s): Bengaluru
Keyskills: Network Administrator Security
Similar positions
24 7 ai
Company Profile:[24]7.ai, is a global leader in intent-driven customer engagement solutions. We are redefining the way companies interact with consumers. We combine artificial intelligence with human intelligence to substantially improve customer experience. Our clients include mor...
Job Listings
We are in open beta version of website, please let us know if any issues, at: info(at)indigojobs.in