SOC Analyst L2


Responsibilities: –

· Validate the incidents reported by SOC L1 analysts/operators. The standard SLA for each incident validation is 30 minutes.

· Responsible for incident investigation, evidence collection, diagnosis, recovery within defined SLA and closing incidents.

· Understand information security policies and procedures defined in customer environments.

· Interact with the relevant external parties/clients to resolve queries related to the incidents raised.

· Communicate with external teams/clients to ensure proper incident resolution.

· Manage the SIEM incidents knowledge base.

· Create report templates in the SIEM tool as defined by SOC lead.

· Generate the daily reports, weekly reports, and monthly reports on time.

· Maintain the timely delivery of reports.

· Provide shift hand over reports as per defined template.

· Ensure confidentiality and protection of sensitive data.

· Educate and mentor the L1 team.

· Provide technical and functional support to L1 Team with analytical feedback.

· Identify any intrusion attempts missed by SOC L1 analysts/operators.

· Support any duties directed from the SOC lead.

· Perform use case testing and review, and retire obsolete use cases.

· Inform SOC lead of proactive and reactive actions to ensure adherence to security policy.

· Review and understand collected metrics from monitoring systems and be aware of patterns and anomalies.

· Highlight gaps in SOPs to SOC lead.

· Escalate non-standard incidents to the SOC lead.


Experience / Job Competencies / Success Factors: –

· 2+ years technical experience working in a SOC and/or cyber security incident response team.

· Ability to analyze captured data to perform incident response and identify potential compromises to customer networks.

· Possesses a solid understanding of the TCP/IP protocol suite, security architecture, and remote access security techniques/products.

· Experience analyzing both log and packet data utilizing standard tools like Wireshark, tcpdump and other capture/analysis tools.

· Ability to perform network-based forensics and log analysis.

· Strong understanding of incident response methodologies and technologies.

· Experience with log management and/or SIEM technologies such as Splunk, ArcSight, LogRhythm and the like.

· Experience with network monitoring tools such as RSA Netwitness, Bluecoat Security Analytics and the like is a plus.

· Experience working with the ELK platform is a plus.

· Malware analysis and reverse engineering is a plus.

· Must be reliable and able to function as part of a 24×7 operations center.

· Strong communication and presentation skills.

· Excellent written and verbal English communication skills are required.

· Must be a strong team player with self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance, and professionalism.

· Demonstrated analytical and problem-solving skills.

· Awareness of frameworks such as MITRE ATT&CK and NIST and how they can be applied effectively within an enterprise.

· Understanding of tools that can be used to assist in investigations: VirusTotal, Passive DNS, WHOIS.

· Knowledge of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise Anti-Virus/EDR/EPP products.

· Understanding of programming and scripting languages such as Python, Perl, Bash, PowerShell, and C++.


Education Qualification Requirements: –

· Any bachelor’s degree in computer science.

· Preference for B. Tech (Computer Science/IT/Electronics/Communication Engineering).

· Mandatory: CEH/CySA+/CHFI (any two).

· Desirable: SIEM product certifications, GCIH, GCFI, or SANS certifications in DFIR.


Share your CV: jobs@valuementor.com