No longer accepting applications

▷ (Apply in 3 Minutes) Security Operations Center Analyst

LenovoIndia

10 hours ago

Job description

PFB the JD : Job Description

Security Operations Centre (SOC) Analyst plays a vital role in Security delivery. As a SOC Analyst Level 3, you will be on the front line of Cyber Defense, detecting & responding to Cyber Incidents as they happen. You will work with other team members to provide situational awareness through detection, containment, and remediation of IT threats. This job requires great attention to detail and general awareness of Cyber Security tools like SIEM, XDR, EDR, IDS / IPS, ability understand various logs - network logs, sys logs, Firewall logs. As a SOC Analyst you are expected to have working knowledge in areas of networking, malware analysis, incident response, vulnerability management.

Threat & vulnerability analysis
Investigate, document & report Information security issues & emerging trends
Analysis & response to unknown vulnerabilities

Responsibilities

As a SOC Analyst - Level 3, you will :

Operate as detection and security incident response subject-matter expert

Technical subject-matter expert in SOC / SIEM and supporting technologies (EDR, UEBA, etc.) to develop custom queries (e.g., KQL) and playbooks for the SOC analysts to utilize in their investigations.

Align and maintain detection capability to the Mitre attack framework.

Perform root cause analysis of detection failures, identify areas for improvement.

Drive the continuous development of detection capability for SOC

Manage, investigate, and resolve complex issues with the Security tooling.

Securely configure the SIEM, and other SOC solutions in accordance with relevant policy and regulation

Support the Threat hunters in executing complex data analysis.

Provide a point of escalation for SOC / security detection technical service issues.

Ensure the relevant security tools are compliant with company standards and governance.

Contribute to existing Policy, procedures and process documentation enhancements

Define and implement technical governance processes for security tooling of SOC, SIEM and other security tools including AV, EDR, Defender Cloud.

Create and review detection technology high and low level designs.

Propose and identify automation opportunities resulting from incidents;

Provide recommendations to the Client team, on how to mitigate or avert the occurrence of any suspicious activity within their environment.

Provide In depth analysis to the user / customer about the security incidents (eg. Phishing attack)

Troubleshoot connector / logger / Manager for log retrievals

Prepare SOC Management Reports.

Analyzing & preparing daily and monthly reports based on the devices which are being monitored

Creating Reports and Dashboards based on the customer requirement.

Creating Queries for the Rules requested by client for real time alerts.

Creating Reports which helps in providing the logs for the alerts, for finding any possible threats.

Analyze a variety of network and host-based security appliance logs (Firewalls, NIDS, HIDS, Sys Logs, etc.) to determine the correct remediation actions and escalation paths.

Independently follow procedures to contain, analyze, and eradicate malicious activity.

Change Management / Implementation : Independently implement changes to meet customer infrastructure needs within area of technical responsibility

Patch and Security Management : Apply patch and security changes per policy.

Configuration Management : Review Configuration Management Database (CMDB) entries to ensure they are complete and accurate.

Quality : Provide continual improvement recommendations for direct responsibility area (process improvement, technical standard updates, etc).

Project Management : Lead & participate in customer and internal projects, including transformation.

Customer Relationship Management : Set expectations with customers and / or internal businesses / end users within defined parameters.

Teamwork : Work as part of a team, which may be virtual and / or global. Participate as part of a team and maintains good relationships with team members and customers

Skill

8 - 12 years of relevant experience

Typical skills include :

Fine-tune SIEM and other SOC tooling to exclude noise and false positives

Create and fine-tune content in SIEM - correlation rules, Dashboard and Reports etc

Interact with SIEM, EDR and NDR vendors (TAC Support) to remediate any issues with tooling

Evaluate new solutions for SOC

Identify opportunities to improve overall capacity, playbook and runbook

Understanding of threat landscapes and threat modelling, security threat and vulnerability management, and security monitoring

Working knowledge of tools and techniques used by attackers to gain entry into corporate networks, including common IT system flaws and vulnerabilities.

Knowledge of industry standards such as ISO 27001, HIPAA, FedRAMP, Cloud Security Alliance, NIST frameworks and risk methodologies

Demonstrated experience in communicating complex security concepts, both verbally and in writing, to a variety of audiences

Must take ownership of tasks and demonstrate high degree of autonomy to ensure completion

Excellent understanding of related technologies (Networking, Operating Systems)

General Project Management (Expert)

Customer / Vendor Management (IExpert)

Business Analysis (Expert)

Has ability to perform / drive resolution of problems on individual products.

Able to communicate broad and specific concepts with team and to peers.

Able to produce documentation for use by team and customer.

Able to perform / drive resolution of problems on combinations and interactions of products

Strong verbal & written communication skills

Proactive approach to meet & exceed goals

Qualification & Experience

Bachelor’s degree in engineering (Electronics, Communication, Computer Science)

8 - 12 years of relevant experience in SOC domain

Strong understanding ITIL process

Recognized Cyber Security certifications, such as CISSP, CISM, SANS, SABSA, OSCP are advantageous.

Microsoft Security and compliance certifications such as SC-200, MS-500 and AZ-500 preferred

Create a job alert for this search

Operation • India

Related jobs

Promoted

Security Operations Center

PeoplefyIndia

I am on lookout for Security Operations Center - Specialist for leading product based MNC in Pune, Kharadi.Kindly refer below JD & share your resume on zoya. Experience with SOC, Threat Monitoring.E...Show moreLast updated: 30+ days ago

Promoted
New!

Cyber Security Analyst

AMSYS IT SERVICES PRIVATE LIMITEDIndia

Cyber Security Analyst Timings : .Kolshet, Thane West (Work from office) Total Experience : .About the Company AMSYS ™Group , We pride ourselves on 23 Years of excellence based on the principles of int...Show moreLast updated: 22 hours ago

Promoted

Datacenter Operations Specialist

Tanla Platforms LimitedIndia

As an Analyst – Data Centre Operations, you will be responsible for the end-to-end management of Tanla’s data center environments, covering physical infrastructure (compute, storage, network, and p...Show moreLast updated: 11 days ago

Promoted

▷ Apply in 3 Minutes! Security Operations Center Analyst

Tata Consultancy ServicesIndia

Establish goals and priorities by working closely with your team to identify the most critical focus areas.These include : - Improving incident response times - Reducing false positives and other ex...Show moreLast updated: 14 days ago

Promoted
New!

Security Operations Center Analyst

LenovoIndia

Promoted

Security Operations Center Analyst

Insight GlobalIndia

Security Operations Center (SOC) Analyst.Microsoft Defender (Endpoint, Identity, and Cloud).This role is critical for monitoring, analyzing, and responding to security threats across cloud and hybr...Show moreLast updated: 7 days ago

Promoted

Senior Security Operations Analyst

DAZNIndia

Join DAZN's Security Operations team as a Security Operations Analyst and help protect the world's leading global sports streaming platform. You'll be part of a dynamic team responsible for detectin...Show moreLast updated: 30+ days ago

Promoted

Security Operations Center Architect

Tata Consultancy ServicesIndia

Upgrade and maintenance of SIEM Device - Cyber incident and forensic investigation.Logs analysis and co-relation of security events. Self-motivated and quick learner and should be flexible in workin...Show moreLast updated: 11 days ago

Promoted

Security Operations Analyst

Insight GlobalIndia

We are seeking a Security Operations Center (SOC) Analyst with hands-on experience in Secureworks Taegis and Microsoft Defender (Endpoint, Identity, and Cloud) to join our cybersecurity team.This r...Show moreLast updated: 8 days ago

Promoted

Security Operations Center Analyst

PeoplefyIndia

We're Hiring : SOC Specialist | Pune.Are you passionate about cybersecurity and eager to make an impact in threat detection and incident response? We’re looking for a skilled SOC Specialist to join ...Show moreLast updated: 30+ days ago

Promoted
New!

Apply Now : Security Operations Center Analyst

Insight GlobalIndia

Promoted
New!

▷ (15h Left) Security Operations Center Analyst

LenovoIndia

Promoted
New!

Security Operations Center Analyst

MyRemoteTeam IncIndia, India

Hiring : Senior SOC Analyst (Remote).Tier 2 or higher) for a potential long-term project.If you’re a cybersecurity professional passionate about investigation, threat analysis, and proactive defense...Show moreLast updated: 16 hours ago

Promoted

L2 Security Analyst- SOC Advanced

Art Technology and SoftwareIndia

Job Title : Infosec L2 Security Analyst (Security Operations Center - Advanced).Location : From Kochi Office (Onsite).The L2 Security Analyst is responsible for performing advanced incident analysis,...Show moreLast updated: 10 days ago

Promoted
New!

▷ High Salary! Security Operations Center Analyst - Contract

Dexian IndiaIndia

Bachelor's degree in Cybersecurity, Information Technology, or related field - 4-5 years of experience in SOC operations or cybersecurity roles - Experience with license management and compliance p...Show moreLast updated: 2 hours ago

Promoted

Workday Security System Analyst

AvalaraNagpur, IN

Avalara is an AI-first company.We expect every engineer, manager, and to actively leverage AI to enhance productivity, quality, innovation, and customer value. AI is embedded in our workflows, and p...Show moreLast updated: 11 days ago

Promoted
New!

Security Operations Center Analyst - Contract

Dexian IndiaIndia

Job Description Bachelor's degree in Cybersecurity, Information Technology, or related field 4-5 years of experience in SOC operations or cybersecurity roles Experience with license management and ...Show moreLast updated: 22 hours ago

Promoted

Security Operations Center (SOC) Manager

ColorTokens Inc.India

At ColorTokens, we empower businesses to stay operational and resilient in an increasingly complex cybersecurity landscape. Breaches happen—but with our cutting-edge ColorTokens Xshield™ platform, c...Show moreLast updated: 30+ days ago

Promoted

Security Operations Center Analyst

Tata Consultancy ServicesIndia

Min 8 years professional experience in IT Audit, compliance or security assurance, preferably SOC2 Type II, ISO 27001 Strong knowledge of SOC 2 framework and control requirements Familiarity with S...Show moreLast updated: 30+ days ago

Promoted
New!

▷ Immediate Start : Security Operations Center Analyst

MyRemoteTeam IncIndia

Hiring : Senior SOC Analyst (Remote).We’re looking to connect with experienced Senior SOC Analysts (Tier 2 or higher) for a potential long-term project. If you’re a cybersecurity professional passion...Show moreLast updated: 2 hours ago