SOC Analyst L3 (Sentinel is must)

What were looking for

To support our continued success and deliver a Fanatical Experience to our customers, Rackspace Cyber Defence is looking for an Indian based Security Operations Analyst (L3) to support Rackspaces strategic customers.

This role is particularly well-suited to a self-starting, experienced and motivated Sr. Sec Ops Analyst, who has a proven record of accomplishment in the cloud security monitoring and incident detection domain.

As a Security Operations Analyst(L3), you will be responsible for detecting, analysing, and responding to threats posed across customer on-premises, private cloud, public cloud, and multi-cloud environments.

The primary focus will be on triaging alerts and events (incident detection), which may indicate malicious activity, and determining if threats are real or not.

You will also be required to liaise closely with the customers key stakeholders, which may include incident response and disaster recovery teams as well as information security.

Key Accountabilities :

• Should have experience of  10 years in SOC and 5 years in Azure Sentinel.
• Ensure the Customer's operational and production environment remains secure at all the times and any threats are raised and addressed in a timely manner.
• Critical incident handling & closure.
• Escalation management and handling escalations from L2 Analysts.
• Proactive discovery of threats based on MITRE ATT&CK framework.
• Deep investigation and analysis of critical security incidents.
• Post breach forensic incident analysis reporting.
• Review the weekly and monthly reports.
• Review new use cases created by L2 and implement in cloud-native SIEM (Security Information and Event Management).
• Assist with customer onboarding (such as use case development, identifying data sources, configuring data connectors etc)
• Advanced threat hunting.
• Develop custom dashboards and reporting templates.
• Develop complex to customer specific use cases.
• Advanced platform administration.
• Solution recommendation for issues.
• Co-ordinate with vendor for issue resolution.
• Basic and intermediate playbook and workflow enhancement.
• Maintain close working relationships with relevant teams and individual key stakeholders, such as incident response and disaster recovery teams as well as information security etc.
• Develop the custom parsers for the incident and alert enrichment.
• Problem specific playbook and workflow creation and enhancements
• Required to work flexible timings.

Skills and Experience :

Skills Required

sentinel , Threat Hunting, Security Monitoring, Malware Analysis, network forensics, Vulnerability Assessment, Log Analysis, Cloud Security