Security Operation Analyst

Security Operations Centre (SOC) Analyst plays a vital role in Security delivery. As a SOC Analyst Level 3, you will be on the front line of Cyber Defense, detecting & responding to Cyber Incidents as they happen. This job requires great attention to detail and general awareness of Cyber Security tools like SIEM, XDR, EDR, IDS/ IPS, ability understand various logs - network logs, sys logs, Firewall logs. As a SOC Analyst you are expected to have working knowledge in areas of networking, malware analysis, incident response, vulnerability management. * Threat & vulnerability analysis * Investigate, document & report Information security issues & emerging trends * Analysis & response to unknown vulnerabilities As a SOC Analyst - Level 3, you will: * Operate as detection and security incident response subject-matter expert * Perform root cause analysis of detection failures, identify areas for improvement. * Drive the continuous development of detection capability for SOC * Manage, investigate, and resolve complex issues with the Security tooling. * Securely configure the SIEM, and other SOC solutions in accordance with relevant policy and regulation * Support the Threat hunters in executing complex data analysis. * Provide a point of escalation for SOC/ security detection technical service issues. * Ensure the relevant security tools are compliant with company standards and governance. * Contribute to existing Policy, procedures and process documentation enhancements * Define and implement technical governance processes for security tooling of SOC, SIEM and other security tools including AV, EDR, Defender Cloud. * Provide In depth analysis to the user/customer about the security incidents (eg. Creating Reports which helps in providing the logs for the alerts, for finding any possible threats. * Analyze a variety of network and host-based security appliance logs (Firewalls, NIDS, HIDS, Sys Logs, etc.) Change Management/ Implementation: Patch and Security Management: Apply patch and security changes per policy. * Configuration Management: Review Configuration Management Database (CMDB) entries to ensure they are complete and accurate. * Quality: Project Management: Lead & participate in customer and internal projects, including transformation. * Customer Relationship Management: Set expectations with customers and/or internal businesses/end users within defined parameters. * Teamwork: Work as part of a team, which may be virtual and/or global. 8 - 12 years of relevant experience Create and fine-tune content in SIEM - correlation rules, Dashboard and Reports etc * Understanding of threat landscapes and threat modelling, security threat and vulnerability management, and security monitoring * Working knowledge of tools and techniques used by attackers to gain entry into corporate networks, including common IT system flaws and vulnerabilities. * Knowledge of industry standards such as ISO 27001, HIPAA, FedRAMP, Cloud Security Alliance, NIST frameworks and risk methodologies * Demonstrated experience in communicating complex security concepts, both verbally and in writing, to a variety of audiences * Excellent understanding of related technologies (Networking, Operating Systems) * General Project Management (Expert) * Business Analysis (Expert) * Qualification & Experience Bachelor’s degree in engineering (Electronics, Communication, Computer Science) 8 - 12 years of relevant experience in SOC domain Strong understanding ITIL process Recognized Cyber Security certifications, such as CISSP, CISM, SANS, SABSA, OSCP are advantageous. Microsoft Security and compliance certifications such as SC-200, MS-500 and AZ-500 preferred