Search by job, company or skills

MFX Infotech Private Limited

Senior Security SOC Analyst

Save
  • Posted a month ago
  • Over 300 applicants
Quick Apply

Job Description

Job Title : Senior Security SOC Analyst

Location : Bengaluru, Chennai

Experience : Above 5+Skills

Skills : SIEM,Logrythm,

Job Description :

ESSENTIAL DUTIES AND RESPONSIBILITIES :

• Implement and perform service delivery of Security Operating center

• Conduct and lead incident response activities (triage, root cause analysis, escalations, notifications, communication, etc.) resulting from Information Security incidents consistent with Incident Response processes and procedures.

• Perform in-depth data analysis on various data and media types through the application of advanced methods, tools, and research techniques.

• Respond to, report on, and track security events reported to the SIEM, system and event logs, and other sources which require further analysis.

• Facilitate and lead meetings or discussions pertaining to security issues or potential threats to determine necessary or improved defensive measures or response actions.

• Provide SME leadership throughout the incident response lifecycle.

• Establish and leverage external relationships to obtain cyber and InfoSec threats with context for how it impacts MFX and its clients.

• Monitor internal and external threats; examine logs, events, and alerts generated by multiple platforms for anomalous activity, evidence of security incidents, and other error conditions that may constitute a breach in security or a degradation of integrity or confidentiality of our systems and data.

• Provide forensic support as needed or required for security incidents, potential or adjudicated.

• Provide mentorship and technical guidance to less experienced security analysts.

• Provide input, trends or analytical support to discover anomalous traffic, behaviors or patterns related to new threat activity, policy violations, etc.

• Leverage scripting skills to develop tools for the automation of security processes using Python, Perl, Bash, and PowerShell.

• Work with a wide variety of security tools, both network and system based, as needed.

• Participate in internal projects and initiatives, researching and recommending appropriate security solutions.

• Document processes, policies, reports and procedures as require.

 Knowledge and Skills:

• The successful candidate will have a proven track record 6- 8 years in information security derived from an all-round Information Technology background and SOC/SIEM experience and possess a combination of the following skills, and competencies: ·

• Good working knowledge of Windows operating systems, Linux, networking, LogRhythm, RSA Net witness, troubleshooting, and security strategies. ·

• Solid understanding of additional security technologies / disciplines such as EDR, Palo Alto and Juniper firewalls, intrusion prevention, encryption, threat analysis, and vulnerability assessment.

• Comfortable with managing complex, enterprise-scale logging, including ensuring reporting and alerting is appropriate.

• Strong analytical, documentation, and communication skills, both oral and written

• Good team working skills and ability to work in a distributed global team environment.

• Strong analytical and problem-solving skills.

• Self-motivated, proactive and with determination to achieve goals.

• Proven business skills including effective oral and written communication, issue resolution, project management, and self-motivation.

• Experience with industry recognized SIEM solutions such as LogRhythm, Azure Sentinel

• Relevant security certifications such as CEH, GIAC, GSEC, CISSP

 Technical Skills:

• Exposure to SIEM Alert monitoring and management for multiple SIEM Products

• Working knowledge of at least 3 of the following technologies.

o SIEM tools preferably LogRhythm, Azure Sentinel

o Nessus Vulnerability Assessment

o EDR, EPP, Network Security, Cloud Security, DLP, Encryption, proxy.

• Understanding of alerts from other monitoring systems e.g. DLP, WAF, Anti APT, DAM etc.

• Excellent knowledge of Intrusion Detection (deep TCP/IP knowledge, and Cyber security), various operating systems (Windows/UNIX), and web technologies (focusing on Internet security).

• Ability to read and understand packet level data. Intrusion detection and prevention and Network Security Products (IDS/IPS, firewalls, etc) Host Security Products (HIPS, AV, scanners, etc)

• Knowledge of cutting-edge threats and technologies effecting Web Application vulnerabilities and recent internet threats.

More Info

Job Type:
Function:
Employment Type:

Job ID: 103717073