L3 SOC Engineer
[24]7.ai
Bangalore
5d ago

Position : L3 SOC Monitoring Analyst

Reports to : SOC Lead

Department : Information Security

POSITION SUMMARY :

The Level Three SOC Monitoring analyst will fit into a global team providing 24 / 7 monitoring, reviewing asset discovery and vulnerability assessment data.

The L3 Analyst is expected to explore ways to identify stealthy threats that may have found their way inside the network, without detection using the latest threat intelligence tools.

POSITION RESPONSIBILITIES :

  • Performs advance analysis using a variety of tools and techniques to investigate, navigate, correlate, and understand security incidents
  • Perform / review incident investigation and prepare analysis reports, categorize incidents, update incident ticket and actions performed
  • RCA preparation and review of security incidents
  • Create weekly reports for management showing the health and effectiveness of security monitoring tools
  • Support SIEM and monitoring tools administration if required
  • Deep investigation of incidents to work with Global SOC and SIRT
  • Responsible to keep asset inventory up to date
  • Reviews asset discovery and vulnerability assessment data to identify security issues / incidents
  • Provide recommendations on how to improve our security posture from the technical perspective
  • Educational Requirements :

  • Bachelor’s degree or equivalent working experience
  • Desired Certifications : Cisco CCNA Security or Cyber OpsEC Council (CEH or Incident Handler)GIAC related certificationsCloud Security
  • Required Skills and Abilities :

  • 6+ years previous working experience in a SOC or Cyber Security
  • Knowledge of various operating systems
  • Prior experience in detecting, analyzing and investigating security incidents
  • Excellent experience in threat intelligence, network forensics
  • Strong, verbal, and written communication, facilitation, and interpersonal skills
  • Required Experience in administrating or monitoring detection / security tools :
  • SIEM
  • Endpoint Protection
  • IPS / IDS
  • Cloud Security (GCP. AWS, Azure)
  • Identity and Access Management
  • Firewalls and Networking
  • Good understanding of security and incident response activities
  • Core understanding of possible attacks activities such as network probing / scanning, DDOS, etc.
  • Good understanding of vulnerability assessment tools
  • Good networking understanding
  • English proficiency (written and oral)
  • Ability to complete tasks and deliver on time, and good interaction with other teams
  • Self-Motivated, curious, and knowledgeable pertaining to news and current information security trends and news.
  • Desired hands-on experience on :
  • McAfee SIEM / Nitro
  • Sumo Logic
  • Cisco (ASA, Firepower, IDS,e etc.)
  • Tanium
  • Crowdstrike or any other EDR
  • Palo Alto
  • Cloud Computing such as AWS, GCP or Azure
  • Proofpoint
  • Report this job
    checkmark

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    Apply
    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Continue
    Application form