L3 Soc Analyst

L3 SOC Analyst Experience 7 plus years Location Hyderabad Trivandrum Kochi Bangalore Chennai Company CyberProof A UST Company CyberProof is seeking a SOC L3 Engineer who will be part of our growing Global Operations Delivery team which monitors investigates and resolves security incidents violations and suspicious activities Our global Operations group takes innovative approaches and uses the most cutting-edge technologies to transform the operations of our customers and secure the security landscape Main Responsibilities Act as an escalation point for high and critical severity security incidents and conduct thorough investigations to determine potential impact and understand extend of compromise Analyse attack patterns Tools Techniques and Procedures TTPs to identify methods of attacks and attack life cycle Provide recommendations on issue resolution activities such as security controls policy configuration changes and security hygiene improvement Provide guidance on mitigating risks associated with security vulnerabilities Hunt for Indicators of Compromise IOCs and signs of Advanced Persistent Threats APTs within the Client s environment Conduct threat hunting by means of in-depth log analysis to identify potential threats that may have evaded automated detection Conduct analysis to gather evidence validate root cause and analyse extend of compromise leveraging Client s security toolset Identify gaps and weaknesses in existing security processes and propose enhancements to improve Client s established incident response methodologies Collaborate with cross-functional teams to ensure end to end management of security incident lifecycle Document and update incident response processes define outcomes for future references and drive continuous improvement Participate in regular team meetings Incident Response war room discussions and executive briefing sessions Requirements Minimum 2 years of experience as a SOC L3 Analyst working as part of a Global SOC team Resolve escalate report and raise recommendations for resolving and remediating security incidents Be an escalation point for investigations of clients and suggest optimization activities to improve their performance Proactively monitor and review threats and suspicious events from customers participating in the service Handle the advanced monitoring of system logs SIEM tools and network traffic for unusual or suspicious activity Set up SIEM solutions and troubleshoot connectivity issues Investigate and resolve security violations by providing post-mortem analysis to illuminate issues and possible solutions Collate security incident and event data to produce monthly exception and management reports Report unresolved network security exposure misuse of resources or noncompliance situations using defined escalation processes Assist and train team members in the use of security tools the preparation of security reports and the resolution of security issues Develop and maintain documentation for security systems and procedures Experience in handling Linux servers familiar with Linux OS and commands Requirements Maintain excellent customer satisfaction through professional proactive and personal service Experience with SIEM vendors such as QRadar ArcSight RSA and LogRhythm Experience in incident response and in writing procedures runbooks and playbooks Ability to work with customer s IT and security teams About Company UST is a global digital transformation solutions provider For more than 20 years UST has worked side by side with the world s best companies to make a real impact through transformation Powered by technology inspired by people and led by purpose UST partners with their clients from design to operation With deep domain expertise and a future-proof philosophy UST embeds innovation and agility into their clients organizations With over 30 000 employees in 30 countries UST builds for boundless impact touching billions of lives in the process