(Urgent Search) Security Operations Center Analyst

Lenovo, Bengaluru, Karnataka, India
1 day ago
Job description

PFB the JD : Job Description

A Security Operations Centre (SOC) Analyst plays a vital role in security delivery. As a SOC Analyst Level 3, you will be on the front line of cyber defense, detecting and responding to cyber incidents as they happen. You will work with other team members to provide situational awareness through detection, containment, and remediation of IT threats. This job requires great attention to detail, general awareness of cyber security tools such as SIEM, XDR, EDR, and IDS / IPS, and the ability to understand various logs: network logs, sys logs, and firewall logs. As a SOC Analyst, you are expected to have working knowledge of networking, malware analysis, incident response, and vulnerability management.

  • Threat & vulnerability analysis
  • Investigate, document & report Information security issues & emerging trends
  • Analysis & response to unknown vulnerabilities

Responsibilities

As a SOC Analyst - Level 3, you will :

  • Operate as detection and security incident response subject-matter expert
  • Technical subject-matter expert in SOC / SIEM and supporting technologies (EDR, UEBA, etc.) to develop custom queries (e.g., KQL) and playbooks for the SOC analysts to utilize in their investigations.
  • Align and maintain detection capability to the MITRE ATT&CK framework.
  • Perform root cause analysis of detection failures, identify areas for improvement.
  • Drive the continuous development of detection capability for SOC
  • Manage, investigate, and resolve complex issues with the Security tooling.
  • Securely configure the SIEM, and other SOC solutions in accordance with relevant policy and regulation
  • Support the Threat hunters in executing complex data analysis.
  • Provide a point of escalation for SOC / security detection technical service issues.
  • Ensure the relevant security tools are compliant with company standards and governance.
  • Contribute to existing Policy, procedures and process documentation enhancements
  • Define and implement technical governance processes for security tooling of SOC, SIEM and other security tools including AV, EDR, Defender Cloud.
  • Create and review detection technology high- and low-level designs.
  • Propose and identify automation opportunities resulting from incidents.
  • Provide recommendations to the client team on how to mitigate or avert the occurrence of any suspicious activity within their environment.
  • Provide in-depth analysis to the user / customer about security incidents (e.g., phishing attacks)
  • Troubleshoot connector / logger / Manager for log retrievals
  • Prepare SOC Management Reports.
  • Analyzing & preparing daily and monthly reports based on the devices which are being monitored
  • Creating Reports and Dashboards based on the customer requirement.
  • Creating Queries for the Rules requested by client for real time alerts.
  • Creating reports that help provide the logs for the alerts, for finding any possible threats.
  • Analyze a variety of network and host-based security appliance logs (Firewalls, NIDS, HIDS, Sys Logs, etc.) to determine the correct remediation actions and escalation paths.
  • Independently follow procedures to contain, analyze, and eradicate malicious activity.
  • Change Management / Implementation : Independently implement changes to meet customer infrastructure needs within area of technical responsibility
  • Patch and Security Management : Apply patch and security changes per policy.
  • Configuration Management : Review Configuration Management Database (CMDB) entries to ensure they are complete and accurate.
  • Quality : Provide continual improvement recommendations for direct responsibility area (process improvement, technical standard updates, etc).
  • Project Management : Lead & participate in customer and internal projects, including transformation.
  • Customer Relationship Management : Set expectations with customers and / or internal businesses / end users within defined parameters.
  • Teamwork : Work as part of a team, which may be virtual and / or global. Participate as part of a team and maintain good relationships with team members and customers

Skills

8 - 12 years of relevant experience

Typical skills include :

  • Fine-tune SIEM and other SOC tooling to exclude noise and false positives
  • Create and fine-tune content in SIEM: correlation rules, dashboards, reports, etc.
  • Interact with SIEM, EDR and NDR vendors (TAC Support) to remediate any issues with tooling
  • Evaluate new solutions for SOC
  • Identify opportunities to improve overall capacity, playbook and runbook
  • Understanding of threat landscapes and threat modelling, security threat and vulnerability management, and security monitoring
  • Working knowledge of tools and techniques used by attackers to gain entry into corporate networks, including common IT system flaws and vulnerabilities.
  • Knowledge of industry standards such as ISO 27001, HIPAA, FedRAMP, Cloud Security Alliance, NIST frameworks and risk methodologies
  • Demonstrated experience in communicating complex security concepts, both verbally and in writing, to a variety of audiences
  • Must take ownership of tasks and demonstrate high degree of autonomy to ensure completion
  • Excellent understanding of related technologies (Networking, Operating Systems)
  • General Project Management (Expert)
  • Customer / Vendor Management (Expert)
  • Business Analysis (Expert)
  • Has ability to perform / drive resolution of problems on individual products.
  • Able to communicate broad and specific concepts with team and to peers.
  • Able to produce documentation for use by team and customer.
  • Able to perform / drive resolution of problems on combinations and interactions of products
  • Strong verbal & written communication skills
  • Proactive approach to meet & exceed goals

Qualification & Experience

  • Bachelor’s degree in engineering (Electronics, Communication, Computer Science)
  • 8 - 12 years of relevant experience in SOC domain
  • Strong understanding of ITIL processes
  • Recognized cyber security certifications, such as CISSP, CISM, SANS, SABSA, OSCP, are advantageous.
  • Microsoft Security and compliance certifications such as SC-200, MS-500 and AZ-500 preferred
