Threat Detection and Response Analyst
LenovoBengaluru, Republic Of India, IN10 days ago
Job descriptionOperate as detection and security incident response subject-matter expert Technical subject-matter expert in SOC / SIEM and supporting technologies (EDR, UEBA, etc.) to develop custom queries (e.G., KQL) and playbooks for the SOC analysts to utilize in their investigations. Align and maintain detection capability to the Mitre attack framework. Perform root cause analysis of detection failures, identify areas for improvement. Drive the continuous development of detection capability for SOC Manage, investigate, and resolve complex issues with the Security tooling. Securely configure the SIEM, and other SOC solutions in accordance with relevant policy and regulation Support the Threat hunters in executing complex data analysis. Provide a point of escalation for SOC / security detection technical service issues. Ensure the relevant security tools are compliant with company standards and governance. Contribute to existing Policy, procedures and process documentation enhancements Define and implement technical governance processes for security tooling of SOC, SIEM and other security tools including AV, EDR, Defender Cloud. Create and review detection technology high and low level designs. Propose and identify automation opportunities resulting from incidents; Provide recommendations to the Client team, on how to mitigate or avert the occurrence of any suspicious activity within their environment. Provide In depth analysis to the user / customer about the security incidents (eg. Phishing attack) Troubleshoot connector / logger / Manager for log retrievals Prepare SOC Management Reports. Analyzing & preparing daily and monthly reports based on the devices which are being monitored Creating Reports and Dashboards based on the customer requirement. Creating Queries for the Rules requested by client for real time alerts. Creating Reports which helps in providing the logs for the alerts, for finding any possible threats. Analyze a variety of network and host-based security appliance logs (Firewalls, NIDS, HIDS, Sys Logs, etc.) to determine the correct remediation actions and escalation paths. Independently follow procedures to contain, analyze, and eradicate malicious activity. Change Management / Implementation : Independently implement changes to meet customer infrastructure needs within area of technical responsibility Patch and Security Management : Apply patch and security changes per policy. Configuration Management : Review Configuration Management Database (CMDB) entries to ensure they are complete and accurate. Quality : Provide continual improvement recommendations for direct responsibility area (process improvement, technical standard updates, etc). Project Management : Lead & participate in customer and internal projects, including transformation. Customer Relationship Management : Set expectations with customers and / or internal businesses / end users within defined parameters. Teamwork : Work as part of a team, which may be virtual and / or global. Participate as part of a team and maintains good relationships with team members and customers Fine-tune SIEM and other SOC tooling to exclude noise and false positives Create and fine-tune content in SIEM - correlation rules, Dashboard and Reports etc Interact with SIEM, EDR and NDR vendors (TAC Support) to remediate any issues with tooling Evaluate new solutions for SOC Identify opportunities to improve overall capacity, playbook and runbook Understanding of threat landscapes and threat modelling, security threat and vulnerability management, and security monitoring Working knowledge of tools and techniques used by attackers to gain entry into corporate networks, including common IT system flaws and vulnerabilities. Knowledge of industry standards such as ISO 27001, HIPAA, FedRAMP, Cloud Security Alliance, NIST frameworks and risk methodologies Demonstrated experience in communicating complex security concepts, both verbally and in writing, to a variety of audiences Must take ownership of tasks and demonstrate high degree of autonomy to ensure completion Excellent understanding of related technologies (Networking, Operating Systems) General Project Management (Expert) Customer / Vendor Management (IExpert) Business Analysis (Expert) Has ability to perform / drive resolution of problems on individual products. Able to communicate broad and specific concepts with team and to peers. Able to produce documentation for use by team and customer. Able to perform / drive resolution of problems on combinations and interactions of products Strong verbal & written communication skills Proactive approach to meet & exceed goals
PFB the JD : Job Description
Security Operations Centre (SOC) Analyst plays a vital role in Security delivery. As a SOC Analyst Level 3, you will be on the front line of Cyber Defense, detecting & responding to Cyber Incidents as they happen. You will work with other team members to provide situational awareness through detection, containment, and remediation of IT threats. This job requires great attention to detail and general awareness of Cyber Security tools like SIEM, XDR, EDR, IDS / IPS, ability understand various logs - network logs, sys logs, Firewall logs. As a SOC Analyst you are expected to have working knowledge in areas of networking, malware analysis, incident response, vulnerability management.
- Threat & vulnerability analysis
- Investigate, document & report Information security issues & emerging trends
- Analysis & response to unknown vulnerabilities
Responsibilities
As a SOC Analyst - Level 3, you will :
Skill
8 - 12 years of relevant experience
Typical skills include :
Qualification & Experience
Bachelor’s degree in engineering (Electronics, Communication, Computer Science)
8 - 12 years of relevant experience in SOC domain
Strong understanding ITIL process
Recognized Cyber Security certifications, such as CISSP, CISM, SANS, SABSA, OSCP are advantageous.
Microsoft Security and compliance certifications such as SC-200, MS-500 and AZ-500 preferred
Create a job alert for this search
Threat Detection And • Bengaluru, Republic Of India, IN
Related jobs
- Promoted
Sr Threat Detection Engineer
Insight Globalhosur, tamil nadu, in Exact compensation may vary based on several factors, including skills, experience, and education.We are seeking a highly experienced Senior Detection Engineer to lead the development and optimizat...Show moreLast updated: 12 days ago
- Promoted
Threat Detection and Remediation Specialist
Palo Alto NetworksBengaluru, Republic Of India, IN At Palo Alto Networks® everything starts and ends with our mission : .Being the cybersecurity partner of choice, protecting our digital way of life.
Our vision is a world where each day is safer and m...Show moreLast updated: 30+ days ago
- Promoted
SOC Security Analyst
Tata Consultancy ServicesBengaluru, Republic Of India, IN Establish goals and priorities by working closely with your team to identify the most critical focus areas.Improving incident response times.
Reducing false positives and other extraneous alerts.Enh...Show moreLast updated: 18 days ago
- Promoted
Threat Detection Engineer
MUFGBengaluru, Republic Of India, IN Japan’s premier bank, with a global network spanning in more than 40 markets.Outside of Japan, the bank offers an extensive scope of commercial and investment banking products and services to busin...Show moreLast updated: 12 days ago
- Promoted
Security Operations Center Analyst
Tata Consultancy ServicesBengaluru, Karnataka, India Establish goals and priorities by working closely with your team to identify the most critical focus areas.These include : - Improving incident response times - Reducing false positives and other ex...Show moreLast updated: 30+ days ago
- Promoted
Threat Detection Specialist
Webologix Ltd / INCBengaluru, Republic Of India, IN Review daily operational activities and timely mentor junior analysts.Conduct detailed analysis on escalated events and handover the call to the Incident Response team along with appropriate eviden...Show moreLast updated: 30+ days ago
- Promoted
Cyber Security Incident Response Analyst
LenovoBengaluru, Republic Of India, IN Security Operations Centre (SOC) Analyst plays a vital role in Security delivery.As a SOC Analyst Level 3, you will be on the front line of Cyber Defense, detecting & responding to Cyber Incidents ...Show moreLast updated: 10 days ago
- Promoted
Security & Compliance Analyst
TELUS DigitalBengaluru, Karnataka, India This job is with TELUS Digital, an inclusive employer and a member of myGwork – the largest global platform for the LGBTQ+ business community.
Please do not contact the recruiter directly.Descriptio...Show moreLast updated: 5 days ago
- Promoted
Forward Deployed Analyst (Ex-IB / PE / HF / Buyside)
Arcanahosur, tamil nadu, in Forward-Deployed Analyst – Portfolio Intelligence.Arcana builds institutional-grade analytics for leading hedge funds and asset managers.
We’re hiring exceptional analysts to partner with portfolio ...Show moreLast updated: 30+ days ago
- Promoted
Managed Detection and Response Analyst
Palo Alto NetworksBengaluru, Republic Of India, IN At Palo Alto Networks® everything starts and ends with our mission : .Being the cybersecurity partner of choice, protecting our digital way of life.
Our vision is a world where each day is safer and m...Show moreLast updated: 30+ days ago
- Promoted
Cybersecurity Monitoring and Response Analyst
Tata Consultancy ServicesBengaluru, Republic Of India, IN Deep technical expertise in Endpoint security technology domain with demonstrated expertise in one or more of the following areas – EDR, HIPS, Anti-Malware, FIM, Server Protection.Proven experience...Show moreLast updated: 30+ days ago
- Promoted
Security Analyst
Tata Consultancy ServicesBengaluru, Karnataka, India Deep technical expertise in Endpoint security technology domain with demonstrated expertise in one or more of the following areas – EDR, HIPS, Anti-Malware, FIM, Server Protection.Proven experience...Show moreLast updated: 30+ days ago
- Promoted
Security Incident Response Analyst
Tata Consultancy ServicesBengaluru, Republic Of India, IN Establish goals and priorities by working closely with your team to identify the most critical focus areas.Improving incident response times.
Reducing false positives and other extraneous alerts.Enh...Show moreLast updated: 18 days ago
- Promoted
Threat Detection Engineer
Tata Consultancy ServicesBengaluru, Republic Of India, IN Tata Consultancy Services is hiring for Sr SIEM Admin.SIEM admin with minimum 5+ yrs of exp,strong knowledge in Custom parser development,.
Threat detection use-case designing, implementation and fi...Show moreLast updated: 30+ days ago
- Promoted
Security Engineer (Detection and Response)
FoodsmartBengaluru, IN Foodsmart is the leading telenutrition and foodcare solution, backed by a robust network of Registered Dietitians.Our platform is designed to foster healthier food choices, drive lasting behavior c...Show moreLast updated: 18 days ago
- Promoted
Telemetry Analyst
Greymatter Innovationzhosur, tamil nadu, in Greymatter Innovationz helps you stay digitally relevant across domains, technologies, and skillsets, every day.Support building an Enterprise Data Lakehouse focused on observability.Define relevan...Show moreLast updated: 13 days ago
- Promoted
Fraud Detection Analyst
DIGITAL HARBOR, Inc.Bengaluru, Republic Of India, IN Know Your Customer’ (KYC) in its credit.Its oeuvre, for last 20 years, is marked with disruptive platforms and products that have transformed the way enterprises operate.
Its current focus is on a f...Show moreLast updated: 20 days ago
- Promoted
Senior Threat Intelligence Analyst
FICOBengaluru, Republic Of India, IN FICO (NYSE : FICO) is a leading analytics software company, helping businesses in 90+ countries make better decisions that drive higher levels of growth, profitability and customer satisfaction.The ...Show moreLast updated: 30+ days ago