Job Title


Senior SOC Analyst


Company : Tata Consultancy Services


Location : Noida, Uttar Pradesh


Created : 2025-12-18


Job Type : Full Time


Job Description

Role: SOC Analyst Splunk

Required Technical Skill Set:
SIEM: Splunk
SOAR: Splunk
Ticketing system: ServiceNow, Ivanti or ZenDesk

Location: Noida
Experience: 8+ Years

Job Description:

Must Have:
- Experience in one of the following roles: SOC L3, IR, TH or CSIR.
- Hands-on experience in security incident response in large-scale enterprises/organizations.
- In-depth knowledge of APT groups and campaigns targeting cloud and OT environments, including their preferred TTPs.
- Understanding of cloud security (AWS, Azure, GCP) and hybrid security architectures.
- Experienced in determining the relevance and urgency of alerts and in escalating tickets.
- Excellent analytical and problem-solving skills, as well as interpersonal skills to interact with team members, multiple stakeholders, vendors, and upper management.
- Experience with a ticketing platform or case management platform.
- Experienced in building and enhancing processes, procedures, tools and methodologies used in a SOC environment.

Roles and Responsibilities:
1. Own end-to-end security cases, ranging from user-reported events, tool-generated alerts, MDR escalations, thorough anomalous activity discovery by leveraging threat hunting techniques, until the root cause is captured and documented (end-to-end case management).
2. Perform deep-dive investigations by correlating SIEM, EDR, network, cloud, identity, email, proxy and SaaS telemetry to determine blast radius and business impact, delivering a defensible evidence package while maintaining close collaboration with our numerous enterprise teams (such as: AppSec, GRC, VM, network, DevOps, FW-WAF, etc.).
3. Execute response actions per IR playbooks (example: endpoint isolation, NAC/FW blocks, account disables, session or key revocation, etc.).
4. Triage user security requests from the SOC mailbox and ticketing platform (example: e-mail analysis request/quarantine release, SaaS instance/system-level log reviews, etc.).
5. Author and maintain the SOC's version-controlled IR playbooks, SOPs, processes, KB (tribal knowledge)