Sr. SOC Analyst

• Perform day-to-day operations of the Security Operations Center (SOC), including monitoring security alerts, incidents, and events.
• Administer and maintain security monitoring tools, including Security Information and Event Management (SIEM), Endpoint Detection & Response (EDR) and other security technologies.
• Conduct root cause analysis of security incidents and recommend containment and remediation measures.
• Provide tiered support for security incidents and events, including incident triage, escalation, and resolution.
• Monitor the health and performance of SOC infrastructure components.
• Collaborate with cross-functional teams to respond and mitigate security incidents, including coordinating incident response activities and communicating with stakeholders.
• Perform proactive threat hunting and security monitoring to identify and respond to potential security threats and vulnerabilities.
• Develop and maintain custom parsers for log sources to ensure accurate data normalization and event correlation within the SIEM.
• Onboard and validate log sources in the SIEM platform to ensure asset coverage and visibility.
• Participate in security incident response exercises and tabletop simulations to test and improve incident response procedures.
• Assist with SOC administration tasks, including user access management, tool configuration, fine tuning, and system maintenance/upgrades.
• Develop & update use-cases, SOC policies, procedures, guidelines in alignment with industry standards and regulatory requirements.
• Conduct post-incident analysis and implement improvements to prevent future incidents.
• Assist in the configuration, tuning, patching, and maintenance of SIEM.
• Any other related duty assigned by the Security Ops Lead/ HOD IS.

Requirements

• Bachelor’s degree in technology/engineering/Information Security related field required.
• Minimum 2 to 3 years of hands-on experience in SOC and information security in a large enterprise environment.
• Strong understanding of SIEM, SOC operations and security monitoring principles.
• Experience with SIEM administration, including asset integration, parsing, creating correlation rules, custom dashboards, and reports.
• Proficiency in conducting security investigations and incident response activities.
• Strong knowledge of security technologies such as IDS/IPS, firewalls, WAF, PAM, DLP, Endpoint Detection and Response (EDR), SOAR, and network security monitoring (NSM).
• Ability to analyze security event data and identify indicators of compromise (IOCs) and security anomalies.
• Excellent communication and collaboration skills, with the ability to work effectively in a team environment.
• Attention to detail and strong problem-solving skills.

Benefits

• Competitive salary
• Fuel Card
• Health benefits
• Professional development opportunities
• Inclusive work culture & much more