Experience with SIEM tools like IBM QRadar, Palo Alto XDR
Experience with SOAR tools like IBM Resilient, Palo Alto XSOAR
Experience with an EDR tool like CrowdStrike
Proficiency with Splunk queries
Good experience with and exposure to advanced incident analysis
Capable of fine-tuning incident detection to avoid false-positive alerts
Identify, develop, and propose enhancements to existing processes and operations
Ability to read and understand system data, including security event logs, system logs, application logs, and device logs
Expert in analyzing and correlating logs from various security tools
Demonstrated ability to react quickly and make decisions on high-priority incidents
Ability to analyze incidents, independently form conclusions, and present findings and recommendations to other analysts
Exposure to creating SOPs for different processes and for incident investigation and analysis
Ability to investigate malicious activity to understand the nature of the threat
Ability to collaborate and interact with different teams in the SOC
Exposure to threat hunting activities
Exposure to email analysis to categorize messages as spam/scam, malicious, or legitimate
Ability to analyze different IOCs and take action accordingly
Personal skills:
Good team player
Positive and learning attitude
Good verbal and written communication skills
Sense of ownership, priorities, and autonomy
Qualification:
Bachelor's Degree in Computer Engineering, Information Technology, or any relevant certifications
Basic understanding of malware, TCP/UDP packets, and security tools such as IDS/IPS, web proxies, SIEM, DNS security, DDoS protection, and firewalls