Having knowledge / experience on any SIEM tool (preferably SPLUNK) and SOAR tools ( preferably TINES).
Exposure to Mitre framework and equivalent, Hands-on experience in EDR platforms ( CROWDSTRIKE ) and threat analysis, threat hunting / incident response experience.
Experience in analysing security incidents and responding to them in methodical manner
Knowledge in Network security/ System Security/ Endpoint Security.
Experience of Event Monitoring and analysis and escalations. Provide inputs for content management.
Experience on Monthly, Weekly, and daily reporting.
Willing to work on 24/7 operations.
Review SIEM escalated incidents and qualify true positives
Provide a monthly trend and security analysis summary report
Provide SIEM event/Incident analytics support
Provide log analysis summary and recommendations on detection/protection of incidents
Perform advanced triages and work in collaboration with resolved groups, third party or with designated customer contacts
Liaise between cross functional teams and assist in formulating security incident response report
Advocate protection and mitigation strategies to be implemented from lessons learnt exercises

SOC Analyst (ONLY LOCALS)

Similar Analytics Jobs