This job ad has been posted over 30 days ago...

41

applicants

SOC Analyst Full-time

at Techdefence Labs Solutions Pvt Ltd in Ahmedabad (Published at 31-05-2019)

Role Summary/Purpose:



A Threat Detection Analyst Level 1 participates in coverage for alert monitoring and incident detection and also supports preliminary incident response where appropriate. The L1 Analyst is responsible for the initial triage of security alerts and indicators generated by the incident monitoring systems (e.g. Splunk ES). This will require personnel to look at the highest number of alerts, while performing the lowest level of analysis. Analysts continuously monitor the alert queue for new alerts and are direct consumers of the JSOC configured security suite. The role determines if an alert is deemed an incident and will be required to query referential information such as events to add context to the alert.



Essential Responsibilities:



• Monitors alerting tools and also handles escalated incidents from Helpdesk, Physical Security, Network Team and Customers.

• Triages alerts as they come in and action appropriately.

• Respond to common alerts in a consistent and repeatable manner from multiple alerting sources.

• Responsible for triage of a variety of alerts stemming from C2 beaconing, malware, or phishing attempts.

• Provide escalations of unknown threats to Level 2.

• Identify abnormal security events and trigger the call list / distribution list.



Qualifications/Requirements:



• Minimum IT Diploma Holder or equivalent.

• Ability to work in rotating shifts and also be on-call outside of shift hours on a regular and recurring basis.

• Possess personal and professional integrity. Individuals will be required to submit to a background examination.

• Good oral and written communication skills.

• Possess desire to solve problems logically



Desired Characteristics:



• Ability to perform logical problem solving.

• Possess basic understanding of enterprise grade technologies including operating systems, databases and web applications.

• Ability to read and understand basic system data including security event logs, system logs, application logs, and network traffic.

• Demonstrate understanding for basic internet traffic concepts (e.g. DNS, HTTPS, HTTP).

• Network infrastructure knowledge (e.g. router, switch, firewall).

• Security best practices for operating systems such as Microsofot WIndows or Redhat.

• Experience of working in high performing teams and understand the dynamics of teamwork in a SOC environment.


Viewed: 402 times
« Go back to category
Is this job ad fake? Report it!   
Recommend to a friend