Are you looking for a new job or for better opportunities?
We have a new job opening.
Full Details :
Company Name : ITC Infotech
Location : Bengaluru, Karnataka
Job Description :
The SOC Security Analyst (L2) is responsible for day-to-day security threat monitoring and analysis. You will manage security incidents and review security alerts. You will work on known or suspected security threats. You will also work on threat intelligence, forensics and incident response, adhering to security practices and frameworks. You will be part of a 24×7 Security Operations Centre (SOC) team and will be required to work in shifts.
Job Responsibilities
Experience monitoring threats in a 24×7 Security Operations Centre (SOC)
Investigates and hunts for advanced threats.
Perform root cause analysis and identify suitable corrective steps.
Perform deep packet analysis and collect Indicators of Compromise (IOCs).
Collect evidence, reverse engineer malware and write custom scripts whenever required.
Coordinate with OEMs on firmware upgrades, troubleshooting and other activities.
Threat mitigation and reporting are top priority for this position.
Manage rule bases, fine-tune SOC detections and administer SIEM tools.
Manage and coordinate with the team to accomplish daily operational tasks as per defined standards and maintain SLAs.
Identify vulnerabilities, recommend corrective measures and ensure the adequacy of existing information security controls.
Advanced working skills with SIEM platforms such as QRadar, LogRhythm, ArcSight and Splunk. Relevant certification is a plus. Good working knowledge of SOAR and EDR tools.
Investigate and respond to security incidents.
Investigate, document and report on information security issues and emerging trends.
Evaluate and implement SIEM use cases.
Document and continuously improve playbooks.
Monitor for threats, analyze, and escalate as per process.
Analyze functional and technical cases and provide a resolution in accordance with agreed metrics.
Track health of monitoring infrastructure
Manage and support the log collection, security scanning, intrusion detection, proxy, mail gateway and other security technologies.
Review, triage security alerts, provide analysis, suggest remediation, track remediation.
Support the resolution of security incidents.
Monitor networks and systems for potential threats.
Knowledge of network data flows, ports, protocols, and other network and application services/technologies.
Respond to incidents by collecting, analyzing and preserving digital evidence to assist with remediation of critical information security incidents.
Improve and challenge existing processes and procedures in a very agile and fast-moving information security environment.
Ability to write technical documentation and present technical briefings to diverse audiences.
Strong understanding of threat landscape in terms of the tools, tactics, and techniques of threats employing both commodity and custom malware.
Current knowledge of security threat intelligence and recent attack vectors
Strong forensics analysis skills
Knowledge on ITIL processes
Minimum Qualification & Background:
3-6 years of information security experience, with a minimum of 3 years in a large 24×7 Security Operations Centre (SOC).
Relevant security certification will be a plus.
Basic knowledge of AWS and Azure.
Knowledge of current security threats, techniques, and landscape.
Experience reviewing and triaging security events and incidents with Endpoint Detection and Response (EDR) tools.
Experience and knowledge related to the configuration and maintenance of security monitoring and reporting platforms.
Ability to conduct detailed analysis of security-related events such as phishing, spoofing, ransomware and SQL injection.
Incident Response experience (identifying, investigating, and responding to complex attacks)
Experience with threat hunting.
Disclaimer : Hugeshout works to publish the latest job information only and is not responsible for any errors. Users must research on their own before joining any company.