SOC L1 Engineer

Role

SOC L1 Engineer

Reports to

SOC Technical Lead (L3)

Location

Hyderabad or Mumbai at customer location

Primary KRA of the role

Monitor SIEM alerts and conduct SOP based triaging

Preparation of reports dashboards

Work as primary of interface for customer stakeholders

Job Description

§ Eye on Glass Monitoring on SIEM console

§ Triaging of alerts based on available SOPs

§ Escalate non-SOP alerts to Security Analysts after initial analysis

§ Create new dashboards and monitoring channels for active monitoring of threats. Periodic reporting and dashboarding as per defined frequency

§ Work with customer CFTs (Nw Security, EP security) for blocking IOCs

§ Monitor SLA and tracking of same to ensure that targets are met and escalating tickets approaching SLA breach levels

§ Follow up, Escalation of tickets.

§ Work on rotational shifts (24 X 7) as per roster which may include public holidays and weekends

§ Coordination and communication during major incident response

Mandatory Technology Knowledge

§ Network Security DNS, DHCP, Proxy, routers, switches, LAN and End point security TCP / IP, WANs, LANs, and commonly used Internet protocols such as SMTP, HTTP, FTP, POP, LDAP etc.

§ Prior experience of security incident management and vulnerability management processes

§ Proficiency in MS Excel ( for reporting)

§ Good communication and written skills

§ LogRhythm(preferred) or any industry leading SIEM

Qualification

Education Qualification – Any Graduation / Intermediate / Diploma with minimum 60%.

2 to 4 years of experience out of which last 1 years should be in SOC operations as L1 SOC Engineer. LR experience will be preferred

Mandatory Experience

SIEM alert monitoring and Incident Management

Threat Intelligence Brand monitoring, Deep and Dark Web Monitoring

Should have actively supported Cyberdrills and regulatory audits

Skills Required

Ms Excel, Ftp, Network Security, Switches, Http, Dns, Ldap, logrhythm , Smtp, Dhcp, POP, Proxy, Wans, Siem, Lan, Routers