Qualitest
Description:
Acknowledge, analyse, and validate incidents triggered from correlated events through SIEM solution
Acknowledge, analyse, and validate incidents received through other reporting mechanisms such as email, phone calls, management directions, etc.
Collection of necessary logs that could help in the incident containment and security investigation
Escalate validated and confirmed incidents to SOC Lead
Undertake first stages of false positive and false negative analysis
Understand the structure and the meaning of logs from different log sources such as FW, IDS, Windows DC, Cisco appliances, AV and antimalware software, email security etc.
Open incidents in ITSM Platform to report the alarms triggered or threats detected. Analyst should properly include for each incident on SIEM all details related to the logs, alarms and other indicators identified in accordance with the intervention protocol and the SLA.
Track and update incidents and requests based on client's updates and analysis results
Report infrastructure issues to the IT support team.
Other duties related to the position
Essential Skills:
Knowledge and hands-on experience in the management of McAfee EDR, CrowdStrike, ENS, DLP, CASB and other security products
Rhythm and McAfee, creation of basic correlation rules, and administration of SIEM
Should have expertise on TCP/IP network traffic and event log analysis
Knowledge of ITIL disciplines such as Incident, Problem and Change Management
Expectations:
Exp 0 - 4 years
SOC Engineer will be responsible for monitoring, reporting, and escalating events to our SOC Manager.
The primary function of this position is to monitor the analytics tools, perform alert management, and initial incident qualification.
This role reports to the SOC Manager.
Bachelor's degree with CEH certification
Joining time / Notice Period: Immediate joining
Shift Timings: Rotational Shifts (100% working from Bangalore office)
3 must haves
SIEM 4/5
Networking 4/5
ITSM 3/5