SOC Analyst-Technical Operations

Job Description:

Responsibilities:

• Continuously monitor security alerts and events using various security information and event management (SIEM) tools.
• Analyze network traffic, system logs, and other data sources to identify potential security incidents.
• Investigate alerts to determine the root cause and severity of incidents.

 Incident Response:

• Respond promptly to security incidents, following established procedures and protocols.
• Coordinate with other members of the SOC team and relevant stakeholders to contain and mitigate security breaches.
• Document incident details, actions taken, and lessons learned for future reference and improvement.

Threat Intelligence:

• Stay updated on emerging threats, vulnerabilities, and attack techniques through threat intelligence feeds and industry sources.
• Utilize threat intelligence to enhance detection capabilities and improve incident response strategies.

Security Tool Management:

• Maintain and configure security tools such as firewalls, intrusion detection/prevention systems (IDS/IPS), antivirus software, and endpoint detection and response (EDR) solutions.
• Ensure that security systems are properly tuned and updated to maximize effectiveness.

Vulnerability Management:

• Assist in vulnerability assessments and penetration testing activities to identify weaknesses in systems and applications.
• Collaborate with IT teams to prioritize and remediate vulnerabilities in a timely manner.

Reporting and Communication:

• Prepare regular reports on security incidents, trends, and metrics for management and other stakeholders.
• Communicate effectively with technical and non-technical audiences regarding security issues and recommendations.

Required Skill Set:

• Bachelor's degree in Computer Science, Information Security, or related field (or equivalent work experience).
• Excellent understanding of networking concepts, protocols, and security principles.
• Experience with SIEM tools, intrusion detection systems, and other security technologies.
• Strong analytical and problem-solving skills, with the ability to quickly assess and prioritize security risks.
• Proven experience in vulnerability scanning.
• Knowledge of networking, systems architecture, and security frameworks.
• Expertise in Tenable.io and other scanning tools
• Excellent communication and interpersonal skills, with the ability to work effectively in a team environment.
• Relevant certifications such as CompTIA Security+, GIAC Certified Incident Handler (GCIH), or Certified Information Systems Security Professional (CISSP) are a plus.
• Excellent written and verbal communication skills with a high degree of accuracy and attention to detail.
• Identifying and recommending changes in standard operating procedures to increase efficiency.
• Relevant certifications (CISSP, CISA, CEH) are a plus.
• Experience in handling multiple tasks
• Result Oriented & able to deliver within timelines
• Willing to work in 24/7 Environment, 5 Days working, and Rotational Shift (including US, APAC and EMEA Region)