Key Responsibilities
Threat Monitoring and Detection:
- Monitor security alerts, events, and incidents using SIEM tools and other security technologies.
- Analyze logs and network traffic to identify anomalous behavior or potential security breaches.
Incident Response:
- Investigate security incidents and provide recommendations for containment and remediation.
- Coordinate with IT teams and stakeholders to resolve security issues promptly.
Threat Intelligence:
- Stay updated on emerging threats, vulnerabilities, and attack vectors.
- Leverage threat intelligence feeds to enhance detection and prevention capabilities.
Documentation and Reporting:
- Document incident analysis, response actions, and lessons learned.
- Create detailed security incident reports for management and stakeholders.
Security Tool Management:
- Maintain and optimize SOC tools, including SIEM, IDS/IPS, endpoint protection, and firewalls.
- Suggest improvements to SOC processes and tools based on evolving threats and technologies.
Compliance and Best Practices:
- Ensure alignment with organizational security policies and regulatory requirements.
- Promote security awareness and best practices within the organization.
Skills
- Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field.
- 1-3 years of experience in a SOC role.
- Proficiency with SIEM tools (CrowdStrike, Google SecOps).
- Knowledge of network protocols, firewalls, intrusion detection/prevention systems, and endpoint security tools.
- Familiarity with threat analysis frameworks (e.g., MITRE ATT&CK).
- Basic scripting or programming knowledge (e.g., Python, PowerShell) is a plus.
Certifications:
- Preferred certifications include CompTIA Security+, CEH, CySA+, or equivalent.
Shyam J
Sr. HR Analyst, India
Chennai, India
M: +91 9840833416