arrow Back

Security Analyst

Soc Administration
|
Pune, India

By contacting us you agree with the storage and handling of your data by this website. Please view the terms of our policy here.

Job Description

We are looking for a Security Analyst for our SOC Administration team that will:

a) Monitor, maintain and troubleshoot health related issues relating to the SOC Tools.
b) Onboarding and troubleshooting of the devices and non-reporting devices.
c) Lead and guide a team of Security Engineers on shift for resolution of incident tickets raised in the shift.

Responsibilities
  • Good knowledge of SIEM, SIEM Architecture, SIEM health check.
  • Good verbal/written communication skills.
  • Review of daily health check of SIEM components like collector, processor, console etc.
  • Data archiving and backup and data purging as required and for compliance.
  • Raising change management tickets for SOC Administration activities like Patch upgrade for SIEM etc.
  • Helping L3 and assisting L1 with required knowledge base details and basic documentations.
  • Co-ordination with L1 and SOC Monitoring team on troubleshooting issues and highlighting it to L3 for further resolution and escalation.
  • High ethics, ability to protect confidential information.
  • Work on fine tuning of correlation rules, creation of monitoring dashboards and filtering of traffic.
  • Building of incident reports, check if SLA has been met for incident alerting and incident closure.
  • Update and maintain SOC knowledge base for new security incidents and docs.
  • Creation of daily status report sheet and submit to SOC lead for review.
  • Review advisories and make necessary detection measures.
  • Troubleshooting non-reporting devices and maintain device status.
  • Working with OEM (Tool support) in a way to resolve the issue or incident raised.
  • Administration of Windows Servers on which the tools have been installed.
Essential Skills
  • Escalation point for L1 and SOC Monitoring team.
  • Good experience in SIEM administration and event flow architecture and different types of logs generated by devices like Windows, Proxy, Network Devices, Database…etc.
  • Good understanding of Firewall, IDP/IPS, SIEM functioning (Generalize HLD as well as LLD).
  • Deep understanding of Windows, DB, Mail cluster, VM and Linux commands.
  • Must have knowledge of onboarding different devices into SIEM
  • Knowledge of network protocols TCP/IP and ports.
  • Team spirit and working ideas heading to resolution of issues.
  • Good verbal/written communication skills.

Job Reference Number

CYB-SOCA-19

Job Title

Security Analyst – SOC Administration Team

Location

Pune, India

Salary/Package

Negotiable depending on experience

Tools

Good knowledge of:
SIEM – Architecture, working of different components
Availability tools like Nagios, PRTG etc
Windows Server Administration
Linux Server administration

Additional Skills

  • Excel, formulation
  • Documentation and presentation
  • Quick response to issues and mail with prioritisation
  • Ready to work in a 24×7 environment

Education Requirements & Experience

  • BE/B.Tech – CS/CSE or equivalent trade, CCNA, MSCE.
  • SIEM tool Certification
  • CEH will be a plus
  • Experience Level: 2-4 Years

Apply
close icon
Prioritise and Escalate Incidents
SHQ Response Platform enhances collaboration in pre-empting, identifying, and mitigating risks before they become security incidents.
Explore SHQ Response Platform arrow
Live Webinar
Global Threat Landscape 2024 Forecast
Register Now arrow
Live Webinar
Global Threat Landscape 2024 Forecast
Register Now arrow
Less Panic, More Risk Management
It’s time to reclaim control. Turn your boardroom back into a boardroom, not a panic room!
Watch Video arrow