Senior SOC Analyst Level 3

ConfidentialGurgaon / Gurugram
17 days ago
Job description

What will your essential responsibilities include?

  • Take full ownership of incidents escalated by Level 2 analysts.
  • Conduct complex investigations and provide advice to L2 SOC analysts.
  • Develop customized scripts and procedures to automate repetitive tasks and improve the efficiency of incident response activities.
  • Provide expert advice on incident remediation and recovery efforts.
  • Develop threat remediation strategies.
  • Perform proactive analysis of AXA XL's attack surface and advise on potential threats and attack vectors.
  • Review and provide feedback on security control capability gaps based on security intrusion trends.
  • Create and refine runbooks / playbooks for all alerts.
  • On-board log sources and work on log issues.
  • Fine-tune EDR and other tooling to exclude noise and false positives.
  • Create and fine-tune content in the SIEM: correlation rules, dashboards and reports.
  • Interact with SIEM, EDR and other SOC tooling vendors (TAC Support) to remediate any issues with tooling.
  • Monitor API threat detection, reporting and containment.
  • Demonstrate experience in conducting digital forensics investigations relating to incident detection and response.
  • Responsible for making decisions and identifying required actions. During high-severity security incidents, you will advise the AXA XL Head of SOC, CISO and CSO on appropriate containment, eradication, and remediation measures.
  • Provide an after-hours point of escalation for critical incidents.
  • Define the operational roadmap and key metrics for incident detection and response.
  • Collaborate with internal stakeholders to align on and implement security incident detection and response processes.
  • Develop SOC security incident policies and investigation procedures, for use across multiple information systems and teams.
  • Conduct compliance monitoring and perform SOC / SIEM security control testing.
  • Analyze, define, and manage the delivery of new SIEM rules.
  • Conduct use case testing and modify or create as and when required.
  • Create new custom detection rules using KQL.
  • Design and implement SIEM and EDR enhancements and configurations.
  • Manage and represent the Security Operations team on ethical hack exercises. You will report to the Head of SOC.

Required Skills and Abilities :

  • Good knowledge of Microsoft Defender and Microsoft Sentinel, including developing complex KQL queries.
  • Experience in performing digital forensics investigations.
  • Experience in developing scripts (Python, PowerShell, etc.) quickly in reaction to incidents.
  • Demonstrated good knowledge of information security principles applied to architecture, networks and systems, digital forensics, security risk assessments and software development.
  • Good knowledge and understanding of technologies utilized in cyber security (SIEM, SOAR, firewalls, IAM, IDS / IPS, anti-malware, endpoint protection, database security, threat management / intelligence).
  • Actionable knowledge of MITRE ATT&CK framework.
  • Effective knowledge of exploitable vulnerabilities and remediation techniques.
  • Experience in automating manual processes for responding to security incidents.
  • Experience in threat intelligence and CERT / CSIRT activities.
  • Knowledge of current threat actor techniques.
  • Understanding of threat landscapes and threat modelling, security threat and vulnerability management, and security monitoring.
  • Awareness of tools and techniques used by attackers to enter corporate networks, including common IT system flaws and vulnerabilities.
Desired Skills and Abilities :

  • Excellent troubleshooting and critical thinking skills.
  • Experience in SOC documentation development.
  • Demonstrated experience in communicating complex security concepts, both verbally and in writing, to a variety of audiences.
  • Must take ownership of tasks and demonstrate a high degree of autonomy to ensure completion.
  • Must be personable and foster good stakeholder and peer group working relationships.
  • Certifications such as CISSP, GIAC, CEH or other.
Skills Required

GIAC, CEH, Troubleshooting, SOC, CISSP, CERT
