The Sr. SOC Analyst is responsible for designing, configuring, and deploying rules, alerts and dashboards in the SIEM solution to monitor and assess information technology systems. The SOC Analyst specifically analyses and researches attack patterns targeting specific industries and develops relevant use cases to enrich SOC capability with early detection of and response to threats.
Minimum:
▪ 8+ years of relevant work experience
▪ 3+ years of experience managing SOC setups in a large environment
Education – Bachelor’s Degree in Computer Science/ Engineering or other related degree.
▪ Work Experience with IBM QRadar.
▪ SIEM use-cases design, development, documentation, and life-cycle management experience.
▪ Extensive forensic experience, threat analytics and incident response capabilities.
▪ Demonstrated strong understanding of security concepts, best practices and tools.
▪ Understanding of cyber risks and threats.
▪ Strong understanding of security controls to mitigate risk and threats.
▪ Knowledge of cyber security principles, techniques, and technologies.
▪ Experience in reporting risks and threats to internal and external groups.
▪ Knowledge of networking protocols, technologies, and operating systems.
Operational Roles
1. Review and monitor high-level and low-level design for the Security Operations Centre and associated tools
2. Review and monitor implementation of SOC policies and procedures
3. Review and monitor implementation and commissioning of the SOC setup and associated tools
4. Review UAT cases and reports of SOC and associated tool implementation
5. Review and monitor fine-tuning of SOC use cases and configuration change requests
6. Review and monitor baseline configuration documents
7. Review compliance to baseline configuration documents
8. Review and monitor security incident management and problem management plans
9. Review security incident reports
10. Review security MIS reports on security operations like administration, maintenance, patch management, antivirus management and SLAs
11. Respond to after-hours (on-call support) for any issue as required
12. Maintain and manage knowledge base content and lessons learned database
13. Review and test use cases and update the false positive database/knowledge base
14. Maintain and update SOPs, standards, and runbook documents
- Prepare Root Cause Analysis documents
- Ensure SOC events are addressed in a timely manner and continuously improve detection capability
- Act as a cyber monitoring subject-matter expert for incident detection and analysis techniques, and provide coaching for junior analysts