Security Operations Center Analyst

Position Summary:

This position will support Mphasis Cyber Defense Center/SOC. It requires to continuously monitor cyber security events, perform triages and provide response/remediation activities.

Responsibilities:

 Continuously monitor security alerts generated by SIEM and other security tools.

 Perform initial triage to distinguish genuine security incidents from false positives and promptly escalate complex or confirmed threats to senior analysts or incident response teams.

 Conduct in-depth analysis of potential security incidents by gathering and correlating data from various sources.

 Identify indicators of compromise to determine the scope, impact, and root cause of incidents.

 Develop and execute effective containment and remediation strategies in close coordination with incident response teams.

 Engage in proactive threat hunting to uncover stealthy or sophisticated attacks that bypass standard monitoring mechanisms.

 Maintain accurate and detailed incident logs and reports that capture the analysis, response actions, and lessons learned.

 Communicate technical findings clearly to both technical and non-technical stakeholders.

 Collaborate with fellow SOC analysts, incident responders, and IT teams to optimize detection rules and continuously improve the organization’s security posture.

 Evaluate and implement new security technologies while contributing to the development of SOC playbooks, standard operating procedures, and best practices.

 Continuously learn and keep abreast on latest trends in attack patterns and tools

Desired Skills/Experience:

 3-6 years of overall experience in area of Systems/Network/Information Security and minimum 2 years in SOC/MSS services

 Experience SIEM Monitoring solutions [Qradar, ArcSight, Splunk, etc.,] and a variety of other security devices found in a SOC environment

 Good understanding in Log formats of various security devices like Proxy, Firewall, IDS/IPS DNS,

 Solid foundational understanding of networking concepts (TCP/IP, LAN/WAN, Internet, network topologies)

 Experience in major operating systems (Windows, Linux)

 Understanding of current trends in attacker and threat actor tools, techniques, and procedures (TTP) and mitigation steps

 Strong analytical and problem-solving skills

 Excellent communication and interpersonal skills

 Professional/Technical Certifications (Security+, CCSE, CCSP, TICSA, MCSE, CISSP, etc.) desirable