top of page

SOC Analyst Team Lead

Position

SOC Analyst Team Lead

Experience

5+ Years

Location

Infopark, Koratty

Salary

Best in the Industry

Engagement

Full-time

Date Posted

29-May-2021

Job Description

Responsibilities

  • Always ensure confidentiality and protection of sensitive customer data.

  • Create & review SOPs for incident handling & response.

  • Assist SOC Manager in Development and execution of SOC process/procedures.

  • Monitor creation of reports, dashboards, metrics for SOC operations and presentation to Customer.

  • Ensure compliance to SLA, process adherence and process improvisation to achieve operational objectives.

  • Planning and defining shift roster for security event monitoring.

  • Ensure compliance to SOC processes defined for incident identification, assessment, quantification, reporting, communication, mitigation, and monitoring is achieved on weekly basis.

  • Primary responsibility on administration and monitoring of SOC ticketing tool used.

  • Providing incident response/investigation and remediation support for escalated security alerts/incidents from L2 team.

  • Provides technical support for forensics team (DFIR) to include evidence seizure, computer forensic analysis and data recovery, in support of computer crime investigation.

  • Provide any needed technical support for Engineering team for customer SIEM operations/fine-tuning, use case fine-tuning.

  • Performs research into emerging threat sources and develops threat profiles. Keep updated on latest cyber security threats.

  • Demonstrates strong evidence of analytical ability and attention to detail. Has a broad understanding of all stages of incident response.

 

Experience / Job Competencies / Success Factors

  • 5+ years technical experience working in a SOC and cyber security incident response team.

  • Professional experience working with sensitive or confidential information in a work environment.

  • Mastery in using incident handling methodologies such as NIST SP 800-61. Should have demonstratable experience in conducting incidence response operations.

  • In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc.

  • Knowledge about different types of cyber security/data security attacks such as ransomware, Phishing, data leakage etc.

  • In-depth understanding of: threat based IS/IT security, latest security technologies and concepts, threat management, incident, and vulnerability handling.

  • Experience and keen understanding of cybersecurity tools/devices, including SIEM, IDS/IPS, antivirus and endpoint detection & response solutions.

  • Effective communication skills and ability to present information to a wide variety of internal stakeholders, including senior level leadership.

  • Customer-facing, with good report-writing skills and strong communication skills at all levels.

  • Knowledge about frameworks such as MITRE ATT&CK, Cyber Kill chain, STRIDE etc.

  • Experience in threat management

  • Knowledge and expertise of various operating system flavors including but not limited to Windows, Linux, Unix

  • Appreciable scripting knowledge and experience in BASH/PowerShell/Regex and the like.

  • Knowledge of applications, databases, middleware to address security threats against the same.

  • Understanding of Operating System, Web Server, database, and Security devices (firewall/NIDS/NIPS) logs and log formats.

Education Qualification Requirements

  • Any bachelor’s degree in computer science/Information Security

  • Priority for B. Tech (Computer Science/IT/Electronics/Communication Engineering)

  • Mandatory: GCIH/GCFA/Certified Intrusion Analyst (GIAC)

  • Mandatory: SIEM product certifications- Microsoft Security Operations Analyst

  • Desirable: OSCP/CISSP

Mail your resume to careers@entixglobal.com

bottom of page