Job Description
- Recognize successful cyber intrusions and compromises through log review and analysis of relevant event detail information.
- Acknowledge, analyse, and validate incidents and alerts triggered by the SIEM solution.
- Launch and track security investigations to resolution. Recognize cyber-attacks based on their signatures. Differentiate false positives from true intrusion attempts and help remediate / prevent them.
- Actively investigate the latest in security vulnerabilities, advisories, incidents, and penetration techniques and notify client when appropriate.
- Perform tasks as identified in a Security Operations Process Manual and runbooks.
- Coordinate with Client's internal teams for relevant security incident investigations.
- Conduct periodic Vulnerability Assessment and Reporting.
- Configure reports, dashboards, and alerts for security events and logs as per customer requirements.
- Install and configure log collectors.
- Configure and set up alerts for security event log management with SIEM, deploy agents, and implement / fine-tune rules.
Endpoint Detection and Response (EDR) SOC: SentinelOne, CrowdStrike, Microsoft Defender
- Monitoring, analyzing, and detecting security events and incidents related to endpoints.
- Manage, tune, and optimize the EDR tool, which includes evaluating existing rules.
- Certification is a plus.
24x7 shift
Work from office
Early joiner preferred
Skills: soc,siem,dashboard,customer,edr,security