Talent.com
This job offer is not available in your country.
SOC Engineer

SOC Engineer

Tata Consultancy ServicesDelhi, IN
13 hours ago
Job description

Continuously monitor :

  • Monitor security alerts and events from various sources, including Microsoft Sentinel, Defender for Endpoint and Defender for Cloud.
  • Perform log management : Perform log ingestion, define use cases, and create alerts for critical assets.
  • Develop Detection Rules : Create, implement, and fine-tune analytical rules, alerts, and queries in Microsoft Sentinel and Defender to detect security incidents and reduce false positives.
  • Behavioral Analytics : Leverage user and entity behavior analytics (UEBA) to identify abnormal activities and enhance detection capabilities.
  • Customize Playbooks : Develop and customize automation playbooks in Sentinel and defender to streamline incident response processes and improve efficiency.
  • Threat Hunting : Using IOCs and threat intelligence, perform threat hunting across environment.

Incident Response

  • Analyze and investigate security incidents to identify potential threats.
  • Respond promptly to security incidents, provide initial analysis, conduct business impact assessment, isolate, eradicate and recover from threats.
  • Document and report incidents, ensuring accurate and comprehensive records.
  • Follow established incident response procedures, playbooks and contribute to their enhancement.

    • Testing and Validation

  • Participate in Blue\Red\Purple team exercises.
  • Participate in Cyber crisis simulations.
  • Participate in Table-top exercises.

    • Business Context and Risk Management

  • Understand the Business value chain.
  • Understand key Business processes.
  • Understanding the Business architecture and mapping to crown jewels (critical assets)
  • Risk management with the ability to conduct risk assessments when required.

    • Endpoint Detection and Response (EDR)

  • Manage and maintain endpoint security and compliance.
  • Perform daily health checks endpoint security and EDR solutions and remediate accordingly.
  • Conduct regular scans and assessments to identify and mitigate potential vulnerabilities.
  • Collaborate with IT teams to ensure endpoint security configurations align with organizational standards.
    • Create a job alert for this search

    Soc Engineer • Delhi, IN