
Search by job, company or skills

Job Title : Senior Security SOC Analyst
Location : Bengaluru, Chennai
Experience : Above 5+Skills
Skills : SIEM,Logrythm,
Job Description :
ESSENTIAL DUTIES AND RESPONSIBILITIES :
• Implement and perform service delivery of Security Operating center
• Conduct and lead incident response activities (triage, root cause analysis, escalations, notifications, communication, etc.) resulting from Information Security incidents consistent with Incident Response processes and procedures.
• Perform in-depth data analysis on various data and media types through the application of advanced methods, tools, and research techniques.
• Respond to, report on, and track security events reported to the SIEM, system and event logs, and other sources which require further analysis.
• Facilitate and lead meetings or discussions pertaining to security issues or potential threats to determine necessary or improved defensive measures or response actions.
• Provide SME leadership throughout the incident response lifecycle.
• Establish and leverage external relationships to obtain cyber and InfoSec threats with context for how it impacts MFX and its clients.
• Monitor internal and external threats; examine logs, events, and alerts generated by multiple platforms for anomalous activity, evidence of security incidents, and other error conditions that may constitute a breach in security or a degradation of integrity or confidentiality of our systems and data.
• Provide forensic support as needed or required for security incidents, potential or adjudicated.
• Provide mentorship and technical guidance to less experienced security analysts.
• Provide input, trends or analytical support to discover anomalous traffic, behaviors or patterns related to new threat activity, policy violations, etc.
• Leverage scripting skills to develop tools for the automation of security processes using Python, Perl, Bash, and PowerShell.
• Work with a wide variety of security tools, both network and system based, as needed.
• Participate in internal projects and initiatives, researching and recommending appropriate security solutions.
• Document processes, policies, reports and procedures as require.
Knowledge and Skills:
• The successful candidate will have a proven track record 6- 8 years in information security derived from an all-round Information Technology background and SOC/SIEM experience and possess a combination of the following skills, and competencies: ·
• Good working knowledge of Windows operating systems, Linux, networking, LogRhythm, RSA Net witness, troubleshooting, and security strategies. ·
• Solid understanding of additional security technologies / disciplines such as EDR, Palo Alto and Juniper firewalls, intrusion prevention, encryption, threat analysis, and vulnerability assessment.
• Comfortable with managing complex, enterprise-scale logging, including ensuring reporting and alerting is appropriate.
• Strong analytical, documentation, and communication skills, both oral and written
• Good team working skills and ability to work in a distributed global team environment.
• Strong analytical and problem-solving skills.
• Self-motivated, proactive and with determination to achieve goals.
• Proven business skills including effective oral and written communication, issue resolution, project management, and self-motivation.
• Experience with industry recognized SIEM solutions such as LogRhythm, Azure Sentinel
• Relevant security certifications such as CEH, GIAC, GSEC, CISSP
Technical Skills:
• Exposure to SIEM Alert monitoring and management for multiple SIEM Products
• Working knowledge of at least 3 of the following technologies.
o SIEM tools preferably LogRhythm, Azure Sentinel
o Nessus Vulnerability Assessment
o EDR, EPP, Network Security, Cloud Security, DLP, Encryption, proxy.
• Understanding of alerts from other monitoring systems e.g. DLP, WAF, Anti APT, DAM etc.
• Excellent knowledge of Intrusion Detection (deep TCP/IP knowledge, and Cyber security), various operating systems (Windows/UNIX), and web technologies (focusing on Internet security).
• Ability to read and understand packet level data. Intrusion detection and prevention and Network Security Products (IDS/IPS, firewalls, etc) Host Security Products (HIPS, AV, scanners, etc)
• Knowledge of cutting-edge threats and technologies effecting Web Application vulnerabilities and recent internet threats.
Job ID: 103717073
We don’t charge any money for job offers