
Security Analyst

SOC Administration | Pune, India


Job Description

We are looking for a Security Analyst for our SOC Administration team that will:

a) Monitor, maintain and troubleshoot health issues relating to the SOC tools.
b) Onboard devices into the SOC tooling and troubleshoot non-reporting devices.
c) Lead and guide a team of Security Engineers on shift in resolving the incident tickets raised during the shift.

Responsibilities
  • Good knowledge of SIEM, SIEM Architecture, SIEM health check.
  • Good verbal/written communication skills.
  • Review the daily health check of SIEM components such as collectors, processors and the console.
  • Perform data archiving, backup and purging as required and for compliance.
  • Raise change management tickets for SOC Administration activities such as SIEM patch upgrades.
  • Help L3 and assist L1 with the required knowledge base details and basic documentation.
  • Co-ordinate with L1 and the SOC Monitoring team on troubleshooting issues and escalate them to L3 for further resolution.
  • High ethics, ability to protect confidential information.
  • Work on fine-tuning correlation rules, creating monitoring dashboards and filtering traffic.
  • Build incident reports and check whether the SLA has been met for incident alerting and incident closure.
  • Update and maintain the SOC knowledge base with new security incidents and documents.
  • Create the daily status report sheet and submit it to the SOC lead for review.
  • Review advisories and put the necessary detection measures in place.
  • Troubleshoot non-reporting devices and maintain device status.
  • Work with the OEM (tool support) to resolve the issue or incident raised.
  • Administer the Windows servers on which the tools are installed.

Essential Skills
  • Escalation point for L1 and SOC Monitoring team.
  • Good experience in SIEM administration and event flow architecture, and with the different types of logs generated by sources such as Windows, proxies, network devices and databases.
  • Good understanding of firewalls, IDP/IPS and SIEM functioning (generalized HLD as well as LLD).
  • Deep understanding of Windows, databases, mail clusters, VMs and Linux commands.
  • Must have knowledge of onboarding different devices into the SIEM.
  • Knowledge of network protocols (TCP/IP) and ports.
  • Team spirit and a focus on ideas that lead to the resolution of issues.
  • Good verbal/written communication skills.