
Role: SOC Analyst Splunk
Required Technical Skill Set: SIEM: Splunk
SOAR: Splunk
Ticketing system: ServiceNow, Ivanti or ZenDesk
Location: Noida
Experience: 8+ Years
Job Description:
Must Have:
Roles and Responsibilities:
1. Own security cases end to end, from user-reported events, tool-generated alerts and MDR escalations through anomalous-activity discovery using threat-hunting techniques, until the root cause is captured and documented (end-to-end case management);
2. Perform deep-dive investigations by correlating SIEM, EDR, network, cloud, identity, email, proxy and SaaS telemetry to determine blast radius and business impact, delivering a defensible evidence package while collaborating closely with our numerous enterprise teams (such as AppSec, GRC, VM, network, DevOps, FW/WAF, etc.);
3. Execute response actions per IR playbooks (for example: endpoint isolation, NAC/FW blocks, account disables, session or key revocation, etc.);
4. Triage user security requests from the SOC mailbox and ticketing platform (for example: email analysis requests, quarantine releases, SaaS instance/system-level log reviews, etc.);
5. Author and maintain the SOC's version-controlled IR playbooks, SOPs, processes and KB (tribal knowledge)
Job ID: 136672083