Security Operations Center Analyst
4 weeks ago
Job brief
The Security Operation Centre (SOC) Information Security Analyst are the first level responsible for ensuring the protection of digital assets from unauthorized access, identify security incidents and report to customers for both online and on-premises. The position monitors and responds to security events from managed customer security systems as part of a team on a rotating 24 x 7 x 365 basis. They are alert and aggressive to filter out suspicious activity and mitigate risks before any incident occur. Your background should include exposure to security technologies including firewalls, IPS/IDS, logging, monitoring and vulnerability management. You should understand network security practices. Excellent customer service while solving problems should be a top priority for you.
Main Responsibilities
- Tier 1 SOC analysts are incident responders, remediating serious attacks escalated from Tier 1, assessing the scope of the attack, and affected systems, and collecting data for further analysis.
- Work proactively to seek out weaknesses and stealthy attackers, review vulnerability assessments (CVEs) on monitored assets. Focus more on doing deep dives into datasets to understand what's happening during and after attacks.
- Monitor security events from the various SOC entry channels (SIEM, Tickets, Email and Phone), based on the security event severity and suspicious activities, escalate to managed service support teams, tier 3 information security specialists, and/or customer as appropriate to perform further investigation and resolution.
- Works as a Team lead for the SOC Analysts helping them to ensure that corporate data and technology platform components are safeguarded from known threats.
- Analyse the Events & incidents and identify the root cause.
- Assist in keeping the SIEM platform up to date and contribute to security strategies as an when new threats emerge.
- Staying up to date with emerging security threats including applicable regulatory security requirements.
- Bring enhancements to SOC security process, procedures, and policies.
- Document and maintain customer build documents, security procedures and processes.
- Document incidents to contribute to incident response and disaster recovery plans.
- Review critical incident reports and scheduled weekly & monthly reports and make sure they are technically and grammatically accurate.
- Keep updated with new threats, vulnerabilities, create/contribute to use cases, threat hunting etc.
- Other responsibilities and additional duties as assigned by the security management team or service delivery manager
Requirements:
- Min 1-3 Years’ Experience as SOC Analyst – (Experience in SIEM Tool ELK & Wazuh preferable)
- Process and Procedure adherence
- General network knowledge and TCP/IP Troubleshooting
- Ability to trace down an endpoint on the network, based on ticket information
- Familiarity with system log information and what it means
- Understanding of common network services (web, mail, DNS, authentication)
- Knowledge of host-based firewalls, Anti-Malware, HIDS
- Understanding of common network device functions (firewall, IPS/IDS, NAC)
- General Desktop OS and Server OS knowledge
- TCP/IP, Internet Routing, UNIX / LINUX & Windows.
- Excellent written and verbal communication skills
Skills:
- Excellent event or log analytical skills
- Proven experience as IT Security Monitoring or similar role
- Exceptional organizing and time-management skills
- Very good communication abilities
- ELK, Wazuh, Splunk, ArcSight SIEM management skills
- Reporting
-
Security Operations Center Analyst
4 weeks ago
Bengaluru, India Vistas Global Full timeJob Description We are looking for a Security Operations Center Analyst to join our cybersecurity team. The role involves monitoring, detecting, and responding to cybersecurity threats in operational technology (OT) environments to safeguard critical industrial systems. Key Responsibilities Monitor OT security alerts and events via SIEM and OT monitoring...
-
Security Operations Center Analyst
1 week ago
Bengaluru, Karnataka, India DP World Express Logistics Private Limited Full time ₹ 15,00,000 - ₹ 25,00,000 per yearSOC Analyst IKEY ACCOUNTABILITIES Perform and provide oversight for day-to-day security SOC operations duties, including the management of security analysts, the development and implementation of security policies and procedures, and the response to security alerts. Develop and maintain KPI reports on SOC team performance and other aggregated...
-
Security Operations Center Analyst
4 weeks ago
Bengaluru, India Tekskills Inc. Full timeJob Role: Security Operations Center (SOC) Analyst Job Location: Bangalore, KA Work Mode: (Hybrid/WFO) Skill Required: SOC Incident handler L3 Experience: 6-9 years Minimum 5+ years of experience Job Description: Use Case Development: Knowledge of organizational risks and threats to design relevant and effective detection rules. Log Sources: Understanding...
-
Security Operations Center Analyst
1 week ago
Bengaluru, Karnataka, India Tekskills Inc. Full time ₹ 15,00,000 - ₹ 25,00,000 per yearJob Role: Security Operations Center (SOC) AnalystJob Location: Bangalore, KAWork Mode: (Hybrid/WFO)Skill Required: SOC Incident handler L3Experience: 6-9 yearsMinimum 5+ years of experienceJob Description:Use Case Development: Knowledge of organizational risks and threats to design relevant and effective detection rules.Log Sources: Understanding log...
-
Security operations center analyst
4 weeks ago
Bengaluru, India Soffit Infrastructure Services Full timeJob briefThe Security Operation Centre (SOC) Information Security Analyst are the first level responsible for ensuring the protection of digital assets from unauthorized access, identify security incidents and report to customers for both online and on-premises. The position monitors and responds to security events from managed customer security systems as...
-
Senior Threat Analyst
4 weeks ago
Bengaluru, India Optiv Full timeThe Senior Threat Analyst will provide deep-level analysis for client investigations utilizing customer-provided data sources, audit, and monitoring tools at both the government and enterprise level. The Senior Threat Analyst will work closely with our Technology Engineers, Architects, and Threat Analysts to service customers. This is a 24x7 role in Security...
-
Security Operations Center Analyst
4 weeks ago
Bengaluru, India Soffit Infrastructure Services (P) Ltd Full timeJob briefThe Security Operation Centre (SOC) Information Security Analyst are the first level responsible for ensuring the protection of digital assets from unauthorized access, identify security incidents and report to customers for both online and on-premises. The position monitors and responds to security events from managed customer security systems as...
-
Security Operations Center Analyst
4 weeks ago
Bengaluru, India Soffit Infrastructure Services (P) Ltd Full timeJob briefThe Security Operation Centre (SOC) Information Security Analyst are the first level responsible for ensuring the protection of digital assets from unauthorized access, identify security incidents and report to customers for both online and on-premises. The position monitors and responds to security events from managed customer security systems as...
-
Security Operations Center Analyst
4 weeks ago
Bengaluru, India Soffit Infrastructure Services (P) Ltd Full timeJob briefThe Security Operation Centre (SOC) Information Security Analyst are the first level responsible for ensuring the protection of digital assets from unauthorized access, identify security incidents and report to customers for both online and on-premises. The position monitors and responds to security events from managed customer security systems as...
-
Security Operations Center Analyst
4 weeks ago
Bengaluru, India Soffit Infrastructure Services (P) Ltd Full timeJob brief The Security Operation Centre (SOC) Information Security Analyst are the first level responsible for ensuring the protection of digital assets from unauthorized access, identify security incidents and report to customers for both online and on-premises. The position monitors and responds to security events from managed customer security systems as...
