Sr. SOC Analyst

Location: Noida/Remote
Job Type: Full-Time
Years of Experience: 5-7 Yrs.
Ready to Join: Immediate

Key Responsibilities:
  • Thoroughly document incident response analysis activities
  • Detect incidents through proactive “hunting” across security-relevant datasets.
  • Review investigations conducted by more junior analysts to ensure quality standards are met.
  • Develop new, repeatable methods for finding malicious activity across the networks.
  • Provide recommendations to enhance detection and protection capabilities.
  • Regularly present technical topics to technical and non-technical audiences
  • Develop and follow detailed operational processes and procedures to appropriately analyse, escalate, and assist in the remediation of information security incidents.
  • Prioritize multiple high-priority tasks and formulate responses/recommendations to customers and team members in a fast-paced environment.
  • Provide assistance to other security teams.
  • Continually develop new technical skills and push overall team capabilities forward.
  • Engage with and mentor other team members.
  • Work with other teams on major engineering and architecture initiatives.
  • Apply an innovative understanding of attack methodologies, malware analysis, and malicious toolkits, and of how these may manifest within various security technologies.
  • Advanced proactive threat hunting
  • Understands advanced adversary emulation concepts.
  • Advanced use case design for insider threat, operational, threat detection and response
  • Review of defensive and detective controls to reduce client attack surface.
  • Other duties as assigned

Required Skills and Qualifications:
  • 5+ years operational experience assessing, reviewing, and remediating infrastructure vulnerabilities, CVEs, and risks.
  • Knowledge of third-party software vulnerabilities, security threat landscape, especially network and server threats
  • Knowledge of cyber security threats and risks, vendor computing environments, basic systems, and network technologies.
  • Experience with and understanding of CVEs and CVSS scores; knowledge of compensating controls and mitigating factors.
  • Knowledge of Information Security frameworks, guidelines, and standard methodologies.
  • Knowledge of the Windows and / or Linux operating systems
  • Knowledge and understanding of Cybersecurity controls and logging and monitoring tools.
  • Ability to expertly interact with all levels of personnel.
  • Excellent verbal and written communication skills
  • Strong in problem solving and analytical skills.
  • Ability to work on multiple projects with a prioritized, results-oriented approach.
  • Good teammate with flexibility required for support operations.
  • Be well versed in the cyber threat landscape: have an advanced understanding of the tactics and techniques used by adversaries and of the security controls and/or telemetry data available to detect them, and be familiar with cyber security incident response terminology, processes, and techniques.
  • Moderate to complex investigations (multiple tools) including endpoint, UEBA, public cloud, SAAS and packet analysis.
  • Security use case design recommendations for threat detection
  • Threat response activities such as quarantining host and other common response playbook activities
  • Proactive threat hunting using multiple client tools.
  • Process development and documentation.
  • Application of threat intelligence to improve detection and response capabilities.
  • Extensive experience with the MITRE ATT&CK framework and associated tactics.
  • Extensive alert triage and endpoint investigations using technologies such as EDR.
  • Phishing analysis
  • Malware analysis (does not include reverse engineering)
  • MITRE ATT&CK framework expertise and understanding of common attack tactics used by threat actors.
  • Provide recommendations on tuning of security detection platforms and use cases to improve accuracy of detection.
  • Experience building use cases (content creation) with SIEM tools (experience with any product is acceptable).
  • Experience with next-generation EDR solutions such as CrowdStrike, Carbon Black, Microsoft Defender, or Endgame.
  • Strong attention to detail and meticulous reporting using Power BI or similar software; ability to develop IR playbooks.
  • Strong knowledge of network security, including firewalls (Palo Alto preferred), intrusion detection systems, load balancers, TCP/IP protocols, network analysis, and network/security applications.
  • Experience coordinating with multiple teams for rapid incident response and resolution.
  • Ability to multi-task, prioritize, and manage time effectively.
  • Excellent interpersonal skills and professional demeanor

Preferred Skills:

  • Experience in system administration of AD, Microsoft Azure environment, Windows servers, Unix environment.
  • Scripting knowledge (PowerShell, Java, Perl)
  • Knowledge of databases and query language such as SQL