SOC

Description

• Acknowledge, analyse, and validate incidents triggered from correlated events through SIEM solutionoAcknowledge, analyse, and validate incidents received through other reporting mechanisms such as email, phone calls, management directions, etc.
• Collection of necessary logs that could help in the incident containment and security investigationo Escalate validated and confirmed incidents to SOC Manager\Leado Undertake first stages of false positive and false negative analysis
  
  

oUnderstand the structure and the meaning of logs from different log sources such as FW, IDS, Windows DC, Network appliances, AV and antimalware software, email security etc.

oOpen incidents in ITSM Platform to report the alarms triggered or threats detected. Analyst should properly include for each incident on SIEM all details related to the logs, alarms and other indicators identified in accordance with the intervention protocol and the SLA.

• Track and update incidents and requests based on client’s updates and analysis resultso Report infrastructure issues to the IT support team.
• Knowledge and hands-on experience in the management of EDR, CrowdStrike, ENS, DLP, CASB and other security products
• Experience in Security Information Event Management (SIEM) tools like LogRhythm and Sentinel One, creation of basic co-relation rules, and administration of SIEM
• Should have expertise on TCP/IP network traffic and event log analysiso Knowledge of ITIL disciplines such as Incident, Problem and Change Management
• Expectations:
• Exp 0-4 years SOC Engineer will be responsible for monitoring, reporting, and escalating events to our SOC Manager.
• The primary function of this position is to monitor the analytics tools, perform alert management, and initial incident qualification.
• This role reports to the SOC Manager.
• Bachelor’s degree with CEH certification
• Joining time / Notice Period: Immediate joining
• Shift Timings: Rotational Shifts (100% working from Bangalore office)