Senior SOC Analyst

Job Description Job Summary - Be a part of the Security Operations Centre (SOC) as a SOC analyst identifying, analyzing, notifying, and responding to security threats across a complex and disperse IT estate. - Conduct complex compromise analysis and work with resolver groups to ensure the timely mitigation of security events. Perform forensic investigations. - Identify and assess threat intelligence sources recommending relevant requisite actions, gaining agreement, and facilitating implementation. - Conduct security assessments including penetration testing and vulnerability assessments. - It is required that you stay up to date on IT security and on the latest methods attackers are using to infiltrate computer systems. - Analysts need to research new security technology to decide what will most effectively protect their organization. - The responsibilities are continually expanding as the number of cyberattacks increases. - Able to work shifts on a rotating basis for 24/7 operational support Responsibilities 1. Provides Monitoring and Analysis support of Cybersecurity events - Identify and detect security threats - Perform initial triage - Report security events, in accordance with established processes and procedures - Perform threat analysis, risk analysis, security assessments, and vulnerability testing - Anticipate threats and alerts to avoid their occurrence - Understanding of possible attack activities such as network probing/ scanning, DDOS, malicious code activity, etc. 2. Investigate, analyze, and contain malware incidents - Includes performing computer forensic investigations 3. Understanding of common malware types and behaviors and common infection vectors Ability to identify attacker Tactics, Techniques, and procedures (TTPs) Experience with IoC lifecycle (development, organization, sharing, effectiveusage) 4. Will be responsible for: Developing alerting, reporting, and automated detection solutions Authoring rules and creating new ML features 5. Strong experience in leveraging Next gen SIEM with SOAR/XDR capabilities to detect & investigate the cyber security incident and reporting in defined template. 6. SIEM solution management and maintenance: - Ensure health of underlying architecture - Create ruleset and alerts to cover the current threat landscape - Remediate alerts generated by the system - Manage vendor relationship with OEM 7. Security Log Analysis - Monitor and analyze the logs from various security tools e.g. SIEM, EDR, DLP, AV etc. and manually correlate system analyzed events 8. Practical/Working experience with tools like EDR, DLP, Zero Trust, Threat intel software, IPS/IDS, Email Security tools 9. Collaborate with various IT groups to collaborate for analysis, troubleshooting, and ensure that their requirements and new initiatives adhere to information security policies and best practices 10. Responding to escalations to resolve detection effectiveness issues (misclassified spam/phish and false positives) Design and develop novel threat detection techniques or methodologies from creating proof-of-concept to productizing the solution. 11. Perform device reviews to ensure compliance with hardening standards, access controls and security related configuration settings 12. Prepare and update security documentation including security procedures, standards, notifications, and alerts in support of other teams within the EgonZehnder Security department. 13. Proactively hunting threats, blue teaming, performing exploit and vulnerability research, all in order to find and a gap that can be exploited by bad actors Skills: 1. Prior work experience in SOC 2. Should be able to conduct advanced forensics including packet captures using tools such as Wireshark, Netmon etc. 3. Knowledge and experience of configuration