SOC Analyst L1

Home » SOC Analyst L1

Responsibilities: –

· Monitoring of security incidents in 24×7 rotational shifts.

· Detect Incidents by monitoring the SIEM console, Rules, Reports and Dashboards.

· Ensure incidents are reported as tickets using ticketing tool and handled as per SLA defined for each customer. The Standard SLA time to be taken is 10 mins per incident ticket.

· Monitor the SIEM console resources to identify any anomalies.

· Recognize potential, successful, and unsuccessful intrusion attempts/compromises thorough review and analysis of relevant event detail and summary information.

· Report the confirmed incidents to customers and escalate to them for further to the concerned L2 team.

· Track incident status to closure as per Standard Operating Procedures (SOP) defined.

· first level Triage of events as provided in Standard Operating Procedures and automate analysis if possible.

· Monitor the health of the SIEM tool and create incidents to the engineering team for their action.

· Assist L2 analysts in incident workflow whenever requested.

· Proactively identify vulnerabilities in customer infrastructure environment and suggest updating of SIEM use cases to generate alerts.

· Ensure confidentiality and protection of sensitive customer data.

 

Experience / Job Competencies / Success Factors: –

· Knowledge and experience in operating Windows & Linux Platforms.

· Scripting skill set (Bash, Python, Ruby, Perl, PowerShell) will be considered a plus.

· Hands-on experience with any commercial Security Information and Event Management (SIEM) solution

· In-depth understanding of security threats (preferably OWASP Top 10 vulnerabilities), threat attack methods and the current threat environment

· Basic understanding of common cyber-attacks (e.g., brute force, SYN flood, session hijack, smurf etc.) and their SIEM signatures.

· Must be Collaborative and team oriented.

· Must have appreciable troubleshooting and analytical skills.

· Must be able to multitask in a fast-paced environment.

· Strong written and oral communication skills

· Good Understanding of network protocols (TCP/IP stack, SSL/TLS, IPSEC, SMTP/IMAP, FTP, HTTP etc.)

· Good Understanding of Operating System, Web Server, database, and Security devices (firewall/NIDS/NIPS) logs and log formats.

 

Education Qualification Requirements: –

· Any bachelor’s degree in computer science

· Priority for B. Tech (Computer Science/IT/Electronics/Communication Engineering)

· Mandatory: CEH/CySA+/ECSA (any 1 will do)

· Desirable: SIEM product Certifications /RHCE/CCNA/CCNP

Apply Now

Latest Openings

SOC Analyst L2

Responsibilities: - · Validate the Incidents reported by SOC L1 analysts/operators. The standard SLA to be kept for...

Content writer

We are looking for a talented content writer who is passionate about writing SEO content to join our team   Key...

WordPress Developer

We are looking for a skilled WordPress developer to design and implement attractive and functional websites for us....

Full Stack Developer

Valuementor is looking for a full stack developer to join our Digital Transformation team. This position would suit an...

System Security Engineer

We are looking for a capable System Security Engineer, who enjoys security work and possesses both deep and wide...

Junior Security Consultant

Team / Department Payment Security Location Kerala, India Experience Requirements: 1 – 3 year experience   Basic...

IT Sales Executive – UAE

Responsibilities · Contact potential or existing customers to inform them about a product or service · Answer...

Senior Penetration Tester

Role You are going to be a cybersecurity expert titled to verify and improve the security system. Your role is to...

Cyber Security Consultant

  Responsibilities: o Carry out Information Security Compliance Assessments & Audits o Perform Gap Assessment...

Share your CV

jobs@valuementor.com