Search by job, company or skills

Onzestt Services India Private Limited

SOC Analyst ( Tier 2 )

Save
  • Posted 19 days ago
  • Over 200 applicants
Quick Apply

Job Description

The Opportunity

As the SOC Analyst Tier 2 you will be responsible for monitoring, detecting, containing, and remediating security incidents utilizing a suite of security software tools. This critical role supports the internal JLR SOC and directing an outsourced tier 1 2 SOC MSSP to deliver robust security operations.

Key Performance Indicators

  • Number of identified vulnerabilities
  • Number of vulnerabilities contained
  • Number of vulnerabilities mitigated
  • Time to detect
  • Time to respond
  • Time to mitigate

Key Responsibilities:

  • Manage a suite of Security Products.
  • Evaluates incidents identified by tier 1 analysts
  • Uses threat intelligence such as updated rules and Indicators of Compromise (IOCs) to pinpoint affected systems and the extent of the attack.
  • Consolidating data from alert triage to provide context necessary to initiate Tier-3 work
  • Conduct security research and intelligence gathering on emerging threats
  • Can offer SME advice to security driven projects.
  • Ability to provide technical and service leadership to T1 analysts
  • Good understanding of ITIL processes, including Change Management, Incident Management and Problem Management.
  • Contribute to Incident Response investigations working with the Incident Response team.
  • Continual development of analysis playbooks and tradecraft
  • Proactively contribute to SOC strategy by refining standards, processes and procedures.
  • Handle incidents across Windows, Mac, and Linux platforms.
  • Develop and improve processes for incident detection and the execution of countermeasures.
  • Actively maintains awareness of developments in the intrusion analysis, incident response and information security fields.
  • Maintaining SecOps documentation.
  • Conduct proactive threat research

Key Interactions

  • External Security Operations Centre (currently TCS)
  • Manufacturing
  • Engineering
  • Data Protection Officer / Legal
  • Business Protection
  • Other IT functions
  • GDPR

Knowledge, Skills and Experience

Essential:

  • Experience working within a SOC / NOC environment
  • Experience in handling incident response for large organizations
  • Experience in NextGen EPP and EDR such as SentinelOne
  • Background in Vulnerability Management such as Qualys
  • Customer-oriented, flexible and demonstrated tendency to go above and beyond
  • Ability to communicate efficiently with clients and internal team members at all levels and across functional and organizational boundaries.
  • Comfortable working against deadlines in a fast-paced environment.
  • TCP/IP Networking
  • Familiarity with common IDS/IPS and Firewalls
  • Incident handling/response.
  • Some out of hours work may be required to support incidents and investigations
  • Problem solving skills and ability to work under pressure
  • Engineering experience supporting the following technologies:
  • Tibco logging management.
  • SIEM technologies (Exabeam & LogRhythm)
  • McAtee ePO

Desirable:

  • Qualifications:
  • CEH
  • CompTIA CySA+
  • GSEC
  • SSCP
  • CISSP
  • ITIL
  • Experience of network-based User Behaviour Analytics (DarkTrace, ArcSight User Behaviour Analytics etc)
  • Experience of security assessment and penetration testing tools
  • Experience of packet-capture tools and analysis of packet flows

Personal Profile

Essential:

  • An individual with a customer first mindset who is easy to do business with and makes people feel special, driven to deliver experiences that are personalised, transparent and dependable.
  • An individual who is results driven, demonstrates, tenacity, drive and perseverance, with the ability to deliver in a complex, highly demanding environment.
  • An individual with the ability to combine a short term, pragmatic focus with longer term planning
  • An individual who is resilient, energetic and enthusiastic, able to deliver results under pressure, whilst responding constructively to challenging new ideas and inputs
  • An individual who can challenge existing thinking in a positive way whilst building credibility and trust through experience and personal style
  • A good communicator who can communicate complex ideas
  • An effective team player, actively leads, develops and supports team members

Desirable:

  • An individual who enables speed in decision making through establishing alignment, clarity, appropriate resources and sense of urgency whilst bringing others along.

Job ID: 104345347