Posted: 2 months ago | Platform: Hybrid | Full Time
Role & responsibilities

Major responsibilities include:

Incident Detection and Analysis
Analyze all active security alerts, events and incidents in the Splunk SIEM to detect, investigate and respond to security threats.
Conduct log analysis and pattern recognition in Splunk to identify anomalies or IOCs.
Create detailed incident reports based on investigation and root cause analysis for security events and incidents.
Detect potential threats through threat intelligence feeds and correlation rules.

Incident Response Management
Act as first responder for security incidents, ensuring they are promptly and accurately handled, documented and escalated.
Execute the incident response lifecycle, including containment, eradication and recovery.
Work with IT, network and other teams to contain and remediate incidents, ensure minimal impact and restore normal operations.
Proactively hunt for threats using Splunk and other security tools to identify potential vulnerabilities.
Research emerging threats, vulnerabilities and attack vectors, and recommend associated detection methodologies.

Technical Competency
Knowledge of Splunk SIEM, SOC operations and EDR.
Building dashboards, log intake and use cases, and fine-tuning them.

Analytical aptitude: A good analytical mind with problem-solving abilities during investigations.
Communication: Effective written and verbal communication of findings.
Detail orientation: Good attention to detail in log analysis and report generation.
Adaptability: Ability to work in a high-pressure environment where multiple incidents and priorities must be handled.

Requirements
Bachelor's degree in Computer Science, Cybersecurity, Information Systems or a related field.
Experience in security operations, incident response and threat analysis.
Good knowledge of SIEM, SOC operations, log management and threat intelligence concepts.
Security frameworks: knowledge of NIST, MITRE ATT&CK, ISO 27001 and incident response.

Preferred candidate profile

Job Summary: We are looking for an experienced and motivated Incident Response Analyst with hands-on knowledge of SOC/SIEM (preferably Splunk) who would be a great addition to our Cybersecurity team. The role monitors, analyzes and responds to security incidents to ensure the confidentiality, integrity and availability of the company's information systems. The suitable candidate would be familiar with using Splunk to analyze and remediate security threats and would collaborate with various teams to enhance our security posture.

Perks and benefits: Hybrid