Security Operations Center Analyst

Job Description

Title: SOC Lead Engineer

Experience: 1-4 yrs

Location: Delhi

We are looking for a highly skilled and experienced SOC Lead Engineer to join our Security Operations Centre (SOC). In this role, you will be responsible for architecting, implementing, and maintaining security solutions, while also monitoring alerts, responding to incidents, and ensuring robust threat management. You will collaborate with other Information Security and IT teams to maintain a secure environment, enhance our security posture, and manage incident response activities.

Responsibilities

- Lead the implementation, configuration, and maintenance of SOC solutions, including SIEM, HIPS/NIPS, Network Monitoring tools, and other advanced security technologies.
- Demonstrate expertise in Incident Management and Response.
- Possess strong, in-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, threat hunting, threat intelligence, advanced threat detection and analysis, forensic analysis, network security, endpoint security, cloud security, risk management, and incident management.
- Apply strong hands-on experience in security device management, security monitoring setup, and integration of security tools.
- Develop and refine incident response playbooks, integrating them with SOC processes and ensuring they reflect the latest threat intelligence.
- Lead the implementation and optimization of threat detection systems, including UBEA, AV, web security, and cloud security monitoring.
- Develop automated workflows and integrations to streamline SOC processes and improve incident response times.
- Collaborate effectively with internal SOC teams and external stakeholders to enhance security measures.
- Present regular metrics and reports on daily incidents and emerging security issues.
- Possess proficiency in developing and using incident response playbooks.
- Coordinate and lead incident response efforts during security incidents.
- Use strong written and verbal communication skills to create incident reports and communicate effectively with both technical and non-technical stakeholders.
- Lead and guide junior analysts during incident response and daily operations, and be willing to mentor less experienced team members.
- Maintain a proactive attitude toward staying updated on the latest cybersecurity threats, vulnerabilities, and industry best practices.
- Understand legal and regulatory requirements related to data protection and cybersecurity.
- Use strong analytical and problem-solving skills to identify and address complex security incidents.
- Demonstrate knowledge of various security devices and their management.
- Possess experience in setting up SOC processes.
- Show knowledge of various tools like SIEM, SSL, Packet Analysis, HIPS/NIPS, Network Monitoring tools, Remedy, Service Now Ticketing Toolset, Web Security, AV, UBEA, and Advanced SOC.

Required Qualifications

- BE/B.Tech/M.Tech/MSc/MCA in CS/IS/E&C or equivalent qualification.
- Minimum of 5 years of experience in Cyber security, SOC, or a relevant discipline.
- Experience in both open-source and commercial tools.
- At least one of the following certifications: GCFA / GCFI / CISP / CISSP / CCNP.

Desirable Skills

- Ability to analyze and respond to previously undisclosed software and hardware vulnerabilities.
- Knowledge of various operating system flavors, including Windows, Linux, and Unix.
- Proficiency in scripting languages (e.g., Python, PowerShell) for automation and analysis tasks.
- Knowledge of TCP/IP Protocols, network analysis, and network/security applications and devices.
- Knowledge of common Internet protocols and applications.