Continuously monitor security events and incidents using different SIEM tools to identify potential threats, anomalies and vulnerabilities.
Monitor multiple security technologies, such as Proxy, SEG, IDS/IPS, Firewalls, Windows Servers, VPN traffic, AV/EDR and other security threat data sources.
Respond to inbound requests via email and other electronic means for technical assistance with security managed services.
Perform manual alert correlations in accordance with predefined procedures and escalate based on specific Project/Client requirements.
Handle incidents through ticketing systems and follow through to completion and/or escalation in accordance with established procedures.
Document all security alerts and incidents with detailed analysis and remediation recommendations.
Create or update processes and service operation procedures (SOPs, guidelines) for the assigned projects.
Document procedures used to solve issues for future reference.
Work in accordance with applicable SLAs for the day-to-day operations of the Monitoring Team.
Job Requirements
Details:
Required Skills & Experience
1-3 years of SOC security experience
Basic knowledge of SIEM platforms (SecureWorks, Splunk, QRadar, Sentinel) and endpoint security tools.
Understanding of networking fundamentals (TCP/IP, firewalls, VPNs).
Familiarity with common attack types and security best practices.
Strong attention to detail, documentation, and communication skills.
Preferred Qualifications
CompTIA Security+, CEH, or equivalent entry-level security certifications.
Exposure to cloud security monitoring (Azure, AWS, GCP).
Experience with ticketing systems (ServiceNow, Remedy, Jira).