Security Operations Center Analyst (L3, 7+ Yrs, IBM QRadar, Threat Hunting)

  • Posted 11 days ago

Job Description

Role : SOC Analyst, L3

Location : Mumbai (WFO)

Primary Responsibilities

  • Advanced cyber analytics: proactively drive hunting and analysis against the datasets available for customers
  • Work with our security operations center (SOC) and take the lead role in threat detection and incident response activities
  • Leverage internal and external resources to research threats, vulnerabilities, and intelligence on various attackers and attack infrastructure
  • Use the big data analytics platform to identify threats; determine the root cause, scope, and severity of each; and compile and report findings
  • Work with threat intelligence and malware solutions to identify threats, develop or recommend countermeasures, and perform advanced network and host analysis in the event of a compromise
  • Leverage tactical and technical intelligence to eradicate threats
  • Characterize suspicious binaries, identify their traits and C2, and develop network- and host-based IOCs
  • Identify potentially malicious activity from memory dumps, logs, and packet captures
  • Through review and analysis of cyber threats, provide both internal and external parties with the key information needed to respond to threats
  • Participate as part of a close team of technical specialists in coordinated responses and subsequent remediation of security incidents
  • Interface with customers on a daily basis to consult with them on security best practices and help them mature their security posture
  • Create threat models based on the MITRE ATT&CK framework and the cyber kill chain for customers
  • Link threat models to SIEM use cases and hunting exercises
  • Perform basic malware analysis
  • Work with SOAR platforms to generate and configure orchestration workflows and responses

Secondary Responsibilities

  • Create and maintain a knowledge base
  • Guide the Cyber SOC team in developing new, unique SIEM use cases
  • Self-development through training

Typical Years of Experience

  • 5-7 years (relevant)

Educational Qualification

  • BE/BSc (Comp/IT)

(or equivalent)

Technical Skills

  • Advanced operational experience as a cyber threat hunter
  • Knowledge of current threats, vulnerabilities, and attack trends
  • Critical thinking and problem-solving skills
  • Experience with SIEM (DNIF/QRadar), big data platforms, and threat intelligence solutions
  • Familiarity with NetFlow data, packet analysis, and operating systems

Certifications such as GCIA, GCIH, or CTIA will be given preference.

Soft Skills

  • Self-driven and motivated to succeed
  • Good communication skills
  • Team Player
  • Assertive in communication

Key Competencies

Good communication skills

Job ID: 140872711