SOC Analyst L2|L3

WE ARE LOOKING FOR LOCAL GUJARAT BASED CANDIDATES ONLY.MINIMUM 3 YEARS OF EXPERIENCE IS COMPULSORY.

SUMMARY

As a SOC Analyst, you should be able to handle first point escalation for all technical and process issues. Provide technical subject matter expertise wherever required. Ensure proper communication and quick resolution as a crisis manager. Plan and schedule Changes, Coordinating with different stakeholders. Perform RCA for Major Incidents, follow quality / security process defined for the engagement. Perform Trend analysis, identify top few incidents and work with respective teams/individual to minimize the incidents, Hardware troubleshooting & Vendor coordination Prepare Weekly and monthly status reports. Participate in business meetings with various stake holders on a need basis. Take corrective actions based on the customer satisfaction surveys. Work on the service improvement programs. Effort estimation/reviews on need basis for new projects. Training of new team members Able to work on Knowledge acquisition and updates to related documents

KEY RESPONSIBILITIES
• Proven experience with any security information and event management (SIEM) tools like Azure Sentinel, Qradar, Splunk, Sumologic, etc.
• Handle L2 and above-level technical escalations from the operations team and resolve them within the SLA.
• Proficient in using SIEM tools, EDR, XDR, Proxies, etc.
• Identify the security gaps and the need to create/modify rules.
• Knowledge of cyber security frameworks and attack methodologies.
• Create and manage the Incident handling playbook, process runbooks, and ad-hoc documents whenever needed.
• Understanding of creating playbooks using any of the SOAR tools like IBM Resilient, ServiceNow SecOps, Demisto (XSOAR), and LogicApps.
• Understanding of common Attack methods and their SIEM signatures.
• Experience in security monitoring, Incident Response (IR), and security remediation.
• Strong knowledge and experience in Security Event Analysis capability.
• Strong understanding of networking and operating systems.
• Understanding of network protocols (TCP/IP stack, SSL/TLS, IPSEC, SMTP/IMAP, FTP, HTTP etc.)
• Understanding of Operating System, Web Server, database, and Security devices (firewall/NIDS/NIPS) logs and log formats.
• Familiar with MITRE ATT&CK, NIST Frameworks, OWASP Top10.
• Change Management must be driven and supported.
• Report Generation and Trend Analysis Starting the governance meeting with the customer and walking the customer and stakeholders through the security status from the SOC's perspective. (Joint venture with Stakeholders to create security posture.)
• Correlate and analyze relevant data from multiple sources to identify security threats.
• Develop and maintain procedures for incident detection and response.
• Stay updated on the latest security technologies and threat intelligence.
• Conduct VAPT.
• Collaborate with the network and development team to mitigate the vulnerabilities.
• Incorporate threat intelligence into a daily monitoring system.
• Collaborate with the threat intelligence team to enhance security posture.
• High level of personal integrity, and the ability to professionally handle confidential matters and show an appropriate level of judgment and maturity.
• Understanding of ISMS principles and guidelines and relevant frameworks (e.g. ISO27001)
• Ensuring compliance with relevant security standards, regulations, and industry best practices (e.g., PCI DSS, HIPAA, GDPR).
• Relevant certifications such as CISSP, GIAC, or equivalent.
• Excellent analytical and problem-solving skills.
• Effective communication and collaboration skills.
• Proactively support the L1 team during an incident.
• Ready to work in 24x7x365 rotational shift.

QUALIFICATIONS AND CERTIFICATIONS

Bachelor’s or master’s degree (any