Candidates with 6-10 years of experience in:
- Handle the operation of the MDR solution, including its software and applications.
- Develop use cases and playbooks for SIEM and SOAR for effective and automated incident detection and handling.
- Test SIEM, SOAR and other solutions in scope to explore the right technical defense/remedy and provide performance statistics and reports.
- Perform integration of all tools and services for access, authentication, authorization, data security, vulnerability management, policy management, auditing, and compliance to ensure the company's security policy and procedures are applied.
- Ensure effectiveness of security solutions in scope
- Assess and find the gaps in the security controls that protect critical assets against any incidents or threats from the internal or external environment.
- Co-ordinate with vendors/partners and internal teams to manage security platforms, including deployments, maintenance and operations. Develop plans for maintaining the infrastructure of newly implemented security solutions in the operational environment.
- Manage cybersecurity incidents and the related processes, tools and resources.
- Work with an identified Partner for effective Security operations and incident handling.
- Conduct periodic threat hunting independently and with partners to ensure effective detection of any threats.
- Ensure preventive maintenance of critical infrastructure, to increase performance and minimize disruption.
- Record all security incidents/events leading to infrastructure downtime, analyze the root cause and suggest workarounds.
- Create reports for performance reviews, corrective action, routine equipment checks and preventive maintenance of security systems to reduce system downtime.
- Gather and report on metrics regarding security systems within ASL environments. Prepare status reports and other management metrics as needed.
Key Skills:
- Demonstrable experience within a Security Operations Center, coordinating responses to security incidents.
- Experience in working with MDR tooling, infrastructure and process development.
- Experience with popular SIEM, SOAR, and threat hunting platforms is mandatory.
- Experience in security incident handling is mandatory.
- Exposure to threat hunting is mandatory.
- Security-related professional certifications preferred. Examples of certifications include, but are not limited to, CEH, CSA, CIH (EC-Council), CompTIA Security+, CND, Infosec Institute, etc.
- Good analytical & problem-solving skills with ability to translate ideas into practical implementation.
- Ability to manage stakeholder relationships including team members, vendors and partners.
- Good communication skills with both technical and non-technical audiences.
- Ability to provide technical training to other team members.