Security Operations Center



Delhi, India | SkySys | Full time
Role: Security Operations Center (SOC) Analyst
Position Type: Full-Time Contract (40hrs/week)
Contract Duration: Long Term
Work Hours: US Time (EST)
Work Schedule: 8 hours/day (Mon-Fri)
Location: 100% Remote (can work from anywhere in India)
We are looking for a SOC Analyst to join the Cyber Operations Team. The team is a 24x5 group that rotates shifts. The team currently uses the following tools: Splunk, CrowdStrike, Qualys, DigiCert PKI, Proofpoint, among others. We do not require experience with all of these tools, and this role provides a unique opportunity to learn them and gain hands-on experience. Ideally we are targeting candidates who have familiarity or experience with some of the tools; the more the better.
Please see below for details on how each tool is used and the day-to-day responsibilities.

Splunk

SIEM tool: Security Information and Event Management tool for security incidents and event correlation. The SOC team monitors Splunk for alerts and incidents, responding as necessary.

L2 Tasks:

Performing the health check for devices reporting and not reporting to Splunk.
Monitoring High and Critical incidents/notables and taking the necessary triage action for incident response by creating an incident in SNOW.
Monitoring Medium incidents to reduce false positives.
Continuous onboarding of log sources such as Windows and Linux servers, network devices and applications.
Monitoring the cloud monitoring console, validating unsupported Splunk Universal Forwarder versions and working with the respective teams to get the forwarder updated.
Analyzing raw events and reducing false-positive incidents.
Working with the respective team members to troubleshoot log sources that are not reporting.
Escalating incidents and anomalies to the L3 team as required.
Creating SOPs based on scope and requirements.

L3 Tasks:

In addition to the L2 tasks:
Perform threat hunting based on adversary activity.
Plan, manage and deploy Splunk Enterprise architecture and resource changes.
Plan and onboard new data sources when required.
Manage and create new security correlations based on data inputs and data models.
Team training.

CrowdStrike

EDR: an integrated endpoint security solution that combines next-generation AV, real-time continuous monitoring and collection of endpoint data with rules-based automated response and analysis capabilities for threat hunting. The SOC team monitors for detections and incidents and responds as appropriate, working with key parties including the Falcon Complete team.

L2 Tasks:

Performing the health check for devices reporting and not reporting to CrowdStrike.
Working with the Windows and Linux teams to install the CrowdStrike agents.
Analyzing escalated detections and incidents and taking the necessary triage and incident response actions.
Creating SOPs based on scope and requirements.

L3 Tasks:

In addition to the L2 tasks:
Create custom IOAs based on the client's threat data.
Collaborate with the CrowdStrike Falcon Complete team in creating policies and detection capabilities.
Design and manage deployments and plan architectural change requirements.
Threat hunt based on adversary activity.
Team training.

Qualys

Vulnerability management and assessment. The SOC team is trained to use the tool for ad hoc scans as requested. It also assists the Vulnerability Manager by organizing assets and performing other maintenance tasks.

L2 Tasks:

Creating asset groups.
Creating and managing tags.
Creating and managing templates.
Scheduling scans.
Running ad hoc scans based on team requests and generating reports for validation.
Creating SOPs based on scope and requirements.
Helping other teams with any queries on remediation/mitigation.
Purging decommissioned assets.
Creating new report templates based on requests.
Handling option profiles.
Fixing unauthenticated scan issues.
Monitoring for critical advisories and reporting them to teams for timely action by opening a P2 incident for the fix.
Deploying and performing health checks for Qualys Cloud Agents.

L3 Tasks:

In addition to the L2 tasks:
Architecture-level planning and changes.
Support for new integration requests.
Validating the SOPs created by the L2 team.
L3 administration and maintenance (policy, design, updates and enhancements).
Team training.

DigiCert PKI

External Certificate Authority for the client's external-facing domains and services.

L3 Tasks:

Guide users in requesting the correct certificate based on application and service use.
Validate and issue certificates.
Add new domains and perform validation checks for both the organization and its domains.
Monitor and track issued certificates.
Help teams generate CSRs and install certificates.
Recommend solutions for and troubleshoot certificate-related issues.

GRC

Risk and governance tool for submitting PCI and InfoSec audit evidence: tools used by the internal GRC team to collect evidence for compliance.

The SOC submits evidence for both PCI and InfoSec on request, and also participates in internal and external security audits.

Windows PKI

Internal Certificate Authority for the client's internal domains.

Tasks:

Validate and issue certificates.
Create and manage certificate templates.
Help teams generate CSRs and install certificates.
Guide users in requesting the correct certificate based on application and service use.
Recommend solutions for and troubleshoot certificate-related issues.

L3 Tasks:

Participate in architecture, deployment and integration requirements with the infrastructure and application teams.

Proofpoint: Phishing Email Reporting and Awareness

Proofpoint is used for internal security awareness training and for reporting phishing emails to IT Security. The SOC team assists with security awareness training by monitoring the client's mailbox for reported phishing.

L2 Tasks:

Checking the email headers to determine the source and authenticity of the email.
Verifying any links in the email and analyzing them in a sandbox.
Verifying whether the user opened any attachment in the reported email; if so, running a full scan, checking the file on VirusTotal and submitting the new hash and file to the security vendors.
Sending users an email with phishing awareness details based on the findings.
Creating an incident in Proofpoint for tracking.
Analyzing the incidents in Proofpoint and closing them based on the findings.
