SOC Level-1 Analyst

Job Summary:

The Security Operation Centre (SOC) Information Security Analyst is the first level of monitoring in the SOC. The position monitors and responds to security events from managed customer security systems as part of a team on a rotating 24 x 7 x 365 basis.

Your background should include exposure to security technologies including firewalls, IPS/IDS, logging, monitoring and vulnerability management. You should have an understanding of network security practices. Excellent customer service while solving problems should be a top priority for you. Scalar is a fast-paced, entrepreneurial environment so to be successful you’ll need to be a pro-active individual, take direction well, communicate succinctly and collaborate effectively.

Core Responsibilities:

• The security analyst monitors security events from the various SOC entry channels (SIEM, Tickets, Email and Phone), based on the security event severity, escalate to managed service support teams, tier 2 information security specialists, and/or customer as appropriate to perform further investigation and resolution.
• Recommend enhancements to SOC security process, procedures and policies.
• Participate in security incident management and vulnerability management processes
• Participate in evaluating, recommending, implementing, and troubleshooting security solutions and evaluating IT security of the new IT Infrastructure systems.
• Works as part of a team to ensure that corporate data and technology platform components are safeguarded from known threats
• Communicate effectively with customers, teammates, and management
• Provide input on tuning and optimization of security systems
• Follow ITIL practices regarding incident, problem and change management
• Document and maintain customer build documents, security procedures and processes.
• Staying up-to-date with emerging security threats including applicable regulatory security requirements.
• Other responsibilities and additional duties as assigned by the security management team Lead

Required Technical Expertise

• Experience in SIEM Tool – Qradar
• Minimum of 2 years of experience in SOC services through on-premises or managed mode of service provider.
• Minimum 2-year experience in operating a SIEM product and other security tools.
• Have experience in handling log management and incident management.
• At least one Mandatory certification from: CEH / CCNA / ISO 27001.
• Process and Procedure adherence
• General network knowledge and TCP/IP Troubleshooting
• Ability to trace down an endpoint on the network, based on ticket information
• Familiarity with system log information and what it means
• Understanding of common network services (web, mail, DNS, authentication)
• Knowledge of host based firewalls, Anti-Malware, HIDS
• General Desktop OS and Server OS knowledge
• TCP/IP, Internet Routing, UNIX / LINUX & Windows NT