Role: SOC Analyst, L3
Location: Mumbai (WFO)

Primary Responsibilities
- Advanced cyber analytics: proactively drive hunting and analysis against the datasets available for customers
- Work with our security operations center (SOC) and take the lead role in threat detection and incident response activities
- Leverage internal and external resources to research threats, vulnerabilities, and intelligence on attackers and attack infrastructure
- Use a big data analytics platform to identify threats, determine the root cause, scope, and severity of each, and compile and report findings
- Work with threat intelligence and malware solutions to identify threats, develop or recommend countermeasures, and perform advanced network and host analysis in the event of a compromise
- Leverage tactical and technical intelligence for the eradication of threats
- Characterize suspicious binaries: identify their traits and C2, and develop network- and host-based IOCs
- Identify potentially malicious activity from memory dumps, logs, and packet captures
- Through review and analysis of cyber threats, provide both internal and external parties the key information needed to respond to the threat
- Participate as part of a close team of technical specialists in coordinated responses and the subsequent remediation of security incidents
- Interface with customers on a daily basis to consult on security best practices and help them mature their security posture
- Create threat models for customers based on the MITRE ATT&CK framework and the cyber kill chain
- Link threat models with SIEM use cases and hunting exercises
- Basic malware analysis
- Work with SOAR platforms to generate and configure orchestration workflows and responses

Secondary Responsibilities
- Creation of a knowledge base
- Guide the Cyber SOC team in developing new, unique SIEM use cases
- Self-development through training

Typical Years of Experience
- 5–7 years (relevant)

Educational Qualification
- BE/BSc (Comp/IT) or equivalent

Technical Skills
- Advanced operational experience as a cyber threat hunter
- Knowledge of current threats, vulnerabilities, and attack trends
- Critical thinking and problem-solving skills
- Experience with SIEM (DNIF/QRadar), big data platforms, and threat intelligence solutions
- Familiarity with NetFlow data, packet analysis, and operating system internals
- Certifications such as GCIA, GCIH, or CTIA will be given preference

Soft Skills
- Self-driven and motivated to achieve success
- Good communication skills
- Team player
- Assertive in communication

Key Competencies
• Good communication skills
Job Title
Security Operations Center Analyst (L3, 7 yrs, IBM QRadar, threat hunting)