Security Operations Center Analyst

About the job

Responsibilities • Must have expert networking protocol knowledge. • Able to demonstrate an understanding of current offensive / defensive computing and forensics. • Should be able to provide threat Intel services. • Prior experience detecting, analyzing and/or responding to security incidents. • Demonstrated ability to analyze and correlate information from a wide variety of enterprise technologies. • Good Communication skills. • Hands-on experience with common security technologies (IDS, Firewall, Rapid7, EDR, Microsoft security suite etc.) • Understanding of common security threats, attack vectors, vulnerabilities, and exploits • Shift work, with flexibility to cover both day and nighttime shifts. • Should be able to work independently, independently with Vendors and drive the calls whenever required. Qualifications • Provide incident response as part of the 24x7 Security Operations Center • Manage the security vulnerabilities and risks across WB including identifying, supporting application/system owners to manage risks and remediate vulnerabilities. • Work closely with both business-oriented executives and technology-oriented personnel to ensure adequate processes are in place and actions are being taken to mitigate identified risks proactively. • Develop strategies to identify, manage, and mitigate identified threats and vulnerabilities to attain desired risk profile and communicate strategies to key stakeholders. • Produces and regularly evaluates all TVM programs and process related documentation. • Ensure effective and complete scanning of the test, corporate and production environments. • Create projects within the tool and monitor the progress & regular follow ups with Patching team and application & server owners. • Monitoring of events & alerts from a multitude of technologies to detect malicious activity. • Detailed analysis using a variety of tools and techniques to investigate, navigate, correlate, and fully understand security incidents of the data available. • Conducts initial triage of security events and incidents. Facilitates communication within the SOC and documents progress throughout the Incident Response Lifecycle. • Recognizes potential, successful, and unsuccessful intrusion attempts and compromises through reviews and correlation with different security tools. • Proper escalation and hand-off of security incidents for containment and remediation. • Tuning of rules, filters, and policies for detection-related security technologies to improve accuracy and visibility. • Jumping on the call with Vendors and other teams to discuss issues / to get their requirements and deliver the same in the form of projects. • Providing weekly/monthly reports to the Upper Management.

Requirements

• Incident Response
• Threat Intel
• Security Analysis

Preferred Technologies

• Incident Response
• Threat Intel
• Security Analysis

About the company

null