Position : SOC Analyst
Location : Milford, OH (Onsite)
Duration : FTE
Job Description :
Roles & Responsibilities
The Security Operations Centre (SOC) provides monitoring and security analysis to clients worldwide for our comprehensive network, cloud and endpoint based operations.
Responsibilities :
- Monitor SIEM and related technologies to triage security events
- Correlate and analyze events using the SIEM
- Follow detailed operational processes and procedures to appropriately analyze, escalate, and assist in the remediation of critical information security incidents
- Analyze potentially complex cybersecurity systems to identify anomalies
- Work in a 12x5 Security Operations Center (SOC) environment
- Review the latest alerts to determine relevancy and urgency
- Evaluate the severity and urgency of cybersecurity alerts as they arise
- Answer data security questions from stakeholders within the organization
- Document cybersecurity incidents and review incident reports
- Provide detailed reports for leaders within the organization
- Review and collect asset data (configs, running processes, etc.) on these systems for further investigation
- Investigate, document, and report on information security issues and emerging trends
- Integrate and share information with other analysts during shift handovers
Technical / Functional Skills
- Knowledge of and hands-on experience with Splunk, LogRhythm, QRadar, ArcSight, McAfee ePO, NetIQ, Sentinel or any other SIEM tool
- Experience with Security Information and Event Management (SIEM) tools, including creating advanced correlation rules, SIEM administration, dashboard creation and rule fine-tuning
- Expertise in TCP/IP network traffic and event log analysis
- Knowledge of Incident, Problem and Change Management
- Good knowledge of Check Point, Cisco, FortiGate, Palo Alto and SonicWall firewalls would be an added advantage
- Hands-on experience with any ticketing tool such as ServiceNow, JIRA, etc.