SOC Engineer (ArcSight)

L1 / L2 Security Incident Analyst

Experience - 3+ years

Location - Delhi

Shifts - Rotational Shifts

Budget - 6-8 LPA

Position Overview

The L1 Security Incident Analyst is responsible for the initial monitoring, detection, and reporting of security incidents. This role is crucial for ensuring the timely identification and escalation of potential threats.

Key Responsibilities (ArcSight-Focused)

• Perform 24x7 Eye-on-Glass monitoring using ArcSight ESM and Logger as part of a rotating shift schedule.
• Monitor, analyze, and triage security alerts and events generated by ArcSight SIEM to identify potential threats.
• Conduct initial incident analysis by reviewing correlated events, logs, and active channels in ArcSight ESM .
• Escalate incidents to L2 analysts based on ArcSight correlation rule triggers, event severity, and impact assessment.
• Document incident details , investigation steps, and response actions within the incident management platform , referencing event data from ArcSight.
• Assist in maintaining and tuning ArcSight SmartConnectors , filters, and active channels for effective data ingestion and visibility.
• Support the continuous optimization of ArcSight content (e.g., rules, dashboards, use cases) to improve threat detection capabilities.
• Contribute to security awareness initiatives by providing inputs on observed trends or recurring issues from ArcSight alerts.
• Participate in a 24x7 shift roster ensuring consistent monitoring and timely response to security incidents across all time zones.

Regards

Kirti Rustagi

[HIDDEN TEXT]

Skills Required

ArcSight SmartConnectors, ArcSight SIEM, ArcSight ESM, incident management platform