SOC Analyst

Job Purpose

SOC 24/7, SOC monitoring

Role Description

(Max 5 Nos)

· The analyst performs monitoring, research, assessment and analysis on Intrusion Detection and Prevention tools as well

as Anomaly Detection systems

, Firewalls,

Antivirus systems,

proxy devices

(IPS IDS)

which requires demonstrable security incident response experience.

· Perform initial risk assessment on new threats and vulnerabilities, perform assessment phase of

Vulnerability

and

Threat Management

process.

· Perform assessment as well as troubleshooting and help isolate issues with IDS/IPS sensors,

Antivirus

Cloud

MS O365 Defender

, Application monitor control, Mobile management (Intune),

Vulnerability scanners

Nessus Professional or Other Vulnerability Management tools.

·

Patch management

& MS O365 Defender Console monitoring.

·

Participate in daily and ad-hoc conference calls as well as compliance and controls, self-assessment processes and documentation related tasks.

·

Log and event management log monitoring and share the daily report.

·

Exposure to User behavior analytics tools.

·

MS Azure sentinel

·
Vulnerability Management. Compliant / Non-Compliant (Devices) Management using
Intune.

· Application control using MS Cloud App security.

·
Working Knowledge of Taegis Secure works or any
XDR/EDR Products

· Working Knowledge of
Password management tools
similar tool Bit warden

· Microsoft Purview and Entra(Azure AD Identity Management) working knowledge.

Key Deliverables

(Max 5 Nos)

·

Being Proactive

and handling

SOC Alerts

· Provide analysis and trending of

security log

data from a large number of heterogeneous security devices.

· Provide threat and vulnerability analysis as well as

security advisory

services

· Analyze and respond to previously undisclosed software and hardware vulnerabilities

· Coordinate with Intel analysts on open source activities impacting SLTT governments.

· Integrate and share information with other analysts and other teams

· IT Documentation and handling Security related task & ISO 27001

Compliance

process and SOC 2 type 2

·

Flexible, quick learning,

willing to work 24/7 and rotational shifts.

·

Patch Management

· Security analysts are expected to be on-call to respond to incidents that arise outside of business hours

· Monitor, Manage, Remediate(Vulnerability Management) Advise based Vulnerability advisories (CISA, MS-ISAC,USCERT) and escalate to respective teams.

· Other duties as assigned

· Independent worker

· Able to read Counter Threat Intelligence Reports and suggest appropriate actions.

· Manage SIEM

and On board devices and

respond to Alerts and Analyze and remediate.

Knowledge Skill Sets

1. Antivirus Enterprise and Active Directory - reviewing, monitoring, reporting & resolving

2. Vulnerability Scanning - Nessus, VA fix – reviewing, advising, reporting and resolving

3.

SIEM
and
Data Security
and Analytics - reviewing, monitoring, reporting and resolving.

1. Good Understating of Infrastructure components and able relate the security incidents to the respective components and work along with respective teams for closure.