Knowledge of assessing Incident severity, classifying them and performing initial investigations to determine the scope and impact.
Good experience and exposure of Incident handling by established procedures and protocols to contain, mitigate, and resolve security incidents efficiently and effectively.
Capable of identifying fine tuning requirements to avoid false-positive alerts
Identify, develop and propose enhancements to existing processes and operations
Ability to read and understand system data including security event logs, system logs, application logs, and device logs
Expert in analyzing & correlating logs from various security tools
Demonstrate ability to react quickly & take decisions for high priority incident
Ability to analyze incidents, independently form conclusions, and present findings and recommendations to other analysts
Exposure to SOPs creation related to different process and incident investigation analysis
Ability to investigate malicious activity to understand nature of threat
Ability to Collaborate/Interact with different teams in SOC
Exposure in email analysis to categorize it as a Spam/Scam, Malicious, Legitimate
Familiar with basic understanding of Malware, TCP/UDP packets, security tools such IDS/IPS, web proxies, SIEM, DNS security, DDoS protection, firewalls
