Soc Analyst

Job Description

Position Overview : To operate around the clock, and to prevent, detect, assess and respond to cybersecurity threats and incidents, and to fulfil and assess regulatory compliance. To work and handle on behalf of an institution or company, any threatening IT incident, and will ensure that it is properly identified, analysed, communicated, investigated and reported. The SOC also monitors applications to identify a possible cyber-attack or intrusion (event), and determines if it is a genuine malicious threat (incident), and if it could affect business. To assist the Privacy and Compliance Teams in investigating Privacy related Incidents which involves Digital Forensics for Information Gathering. Job Functions/Responsibilities • Minimum 5+ years as a SOC analyst with exposure to Digital Forensics, Threat Hunting and Incident Response Management. • Experience in Linux Operating Security and Active Directory Security • Able to do Research and analysis on any Security incidents. • 24/7 support. Should be able to work on Saturday and Sunday • To prevent, detect, assess, and respond to cybersecurity threats and incidents • To assist the Compliance Team in digital forensics and information gathering • To monitor different tools for intrusions, malicious traffic, threats etc • Malware analysis • Network Security • Threat Intel and Threat Hunting • Vulnerability Assessments • Log Analysis • Endpoint Security • Physical Access Control Systems • Digital Forensics Windows and Linux • Good knowledge on Mitre Attack framework • Experienced with Sysmon logs and investigation is a must • To investigate the attack techniques using Sysmon logs and hunt for the IOCs collected. Experience/Education Requirements • Any Graduate • 5+ Years of experience as SOC Analyst and in Incident Response Management, Digital • Forensics (Windows and Linux) and Threat Hunting • Certified in Ethical Hacker, Certified Incident Handler, Comptia Security+, CHFI preferred For internal circulation purposes Other Skills/Abilities • Experienced in Incident Response Management (L1 & L2) and should be familiar with Incident Response Lifecycle • Firewall knowledge • IDS/IPS experience • Log Management/SIEM tool experience • Network Analysis tool System Analysis Malware Analysis Endpoint Security DLP • Operating Systems (Linux and Windows) • Vulnerability assessment tool experience • RSS Feeds/Updates familiarity • Malware signatures and latest vulnerabilities updates familiarity • Must be excellent in Verbal and Written Communication • Digital Forensics (Windows and Linux) • Experience with Splunk Enterprise Security or any SIEM Correlation tools preferre