SOC Analyst L2

Responsibilities: –

· Validate the Incidents reported by SOC L1 analysts/operators. The standard SLA to be kept for each incident validation is 30 mins.

· Responsible for incident investigation, evidence collection, diagnosis, recovery within defined SLA and closing incidents.

· Understand information security policies and procedures defined in customer environments.

· Interact with the relevant external parties/clients to resolve queries related to the incidents raised.

· Communicate with external teams/clients to ensure proper incident resolution.

· Manage the SIEM incidents knowledge base.

· Create report templates in the SIEM tool as defined by SOC lead.

· Generate the daily reports, weekly reports, and monthly reports on time.

· Maintain the timely delivery of reports.

· Provide shift hand over reports as per defined template.

· Ensure confidentiality and protection of sensitive data.

· Educate and mentor the L1 team.

· Provide technical and functional support to L1 Team with analytical feedback.

· Identify any intrusion attempts missed by SOC L1 analysts/operators.

· Support any duties directed from the SOC lead.

· Perform use case testing and review to revoke obsolete use cases.

· Inform SOC lead of proactive and reactive actions to ensure adherence to security policy.

· Review and understand collected metrics from monitoring systems and be aware of patterns and anomalies.

· Highlight gaps in SOPs to SOC lead.

· Escalate non-standard incidents to the SOC Lead.

Experience / Job Competencies / Success Factors: –

· 2+ years technical experience working in a SOC and/or cyber security incident response team.

· Ability to analyze captured data to perform incident response and identify potential compromises to customer networks.

· Possesses a solid understanding of the TCP/IP protocol suite, security architecture, and remote access security techniques/products.

· Experience analyzing both log and packet data utilizing standard tools like Wireshark, tcpdump and other capture/analysis tools.

· Ability to perform network-based forensics and log analysis.

· Strong understanding of incident response methodologies and technologies.

· Experience with log management and/or SIEM technologies such as Splunk, ArcSight, LogRhythm and the like.

· Experience with network monitoring tools such as RSA Netwitness, Bluecoat Security Analytics and the like is a plus.

· Experience working with the ELK platform is a plus.

· Malware analysis and reverse engineering is a plus.

· Must be reliable and able to function as part of a 24×7 operations center.

· Strong communication and presentation skills.

· Excellent written and verbal English communication skills are required.

· Must be a strong team player with self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance, and professionalism.

· Demonstrated analytical and problem-solving skills.

· Awareness of frameworks such as MITRE ATT&CK and NIST and how they can be applied effectively within an enterprise.

· Understanding of tools that can assist in investigations: VirusTotal, Passive DNS, WHOIS.

· Knowledge of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise Anti-Virus/EDR/EPP products.

· Understanding of programming and scripting languages such as Python, Perl, Bash, PowerShell, and C++.

Education Qualification Requirements: –

· Any bachelor’s degree in computer science

· Priority for B. Tech (Computer Science/IT/Electronics/Communication Engineering)

· Mandatory: CEH/CySA+/CHFI (any 2 will do)

· Desirable: SIEM product Certifications /GCIH/GCFI/SANS certifications in DFIR


Share your CV

jobs@valuementor.com