· Provide monitoring and analysis support for computer security events.
· Monitor SIEM Dashboards
· Understand and Detect Cyber Security Events
· Perform initial triage
· Perform Incident Analysis
· Raise incidents and perform mitigation with the help of asset owners.
· Validate and report efficacy of SIEM Rules.
· Report computer security events, in accordance with established processes and procedures.
· Perform role of Level 2.
· Requires working on a shift basis (SOC operations run 24×7).
Experience / Job Competencies / Success Factors:
· 1-2 years of technical experience working in a SOC and in cyber security incident response
· Experience with the AlienVault/QRadar Security Information and Event Management (SIEM) solutions.
· In-depth understanding of security threats (preferably the OWASP Top 10 vulnerabilities), threat attack methods and the current threat environment
· Understanding of common attacks (e.g. brute force, SYN flood, session hijacking, smurf, etc.) and their SIEM signatures.
· Experience in security monitoring, Incident Response (IR), security tools configuration and security remediation
· Must have excellent troubleshooting and analytical skills.
· Must be able to multitask in a fast-paced environment.
· Understanding of network protocols (TCP/IP stack, SSL/TLS, IPSEC, SMTP/IMAP, FTP, HTTP etc.)
· Understanding of operating system, web server, database and security device (firewall/NIDS/NIPS) logs and log formats.
· Understanding of string parsing and regular expressions.
Education Qualification Requirements:
· B.Tech (Computer Science/IT/Electronics/Communication Engineering) with a minimum of 60 marks or 6.0 CGPA
· Mandatory: CEH/CCNA/CHFI (any one of these)
· Desirable: SIEM certification (QRadar, AlienVault)