L1 SOC Analyst
Mumbai, Maharashtra, India
WTW
At WTW, we offer data-driven, evidence-based solutions in the areas of people, risk and capital.
Role and Responsibilities:
You will be working as part of a 24/7 SOC across different locations and therefore you must be a true team player, with the ability and desire to engage with different internal stakeholders and colleagues to deliver the very highest standards of service and support.
▪ 2 - 3 Years’ Experience working as part of a mature cyber defence centre or security operations centre.
▪ To be effective, you need to have great troubleshooting skills, the ability to research problems and the ability to communicate effectively during stressful times, while keeping a cool, calm, and friendly approach when dealing with stakeholders and colleagues.
▪ Solid time management skills and be dependable.
▪ Hands on experience of using a SIEM, UEBA, and EDR as a Level 1 security analyst.
▪ Leading Investigations and comfortable talking to stakeholders and colleagues on both a technical and non-technical level.
▪ Great verbal and written communication skills, and the ability to write reports in a structured methodology.
▪ BSc/MSc in a security field or equivalent experience working within a security related function.
▪ To be inquisitive, with a strong sense of personal responsibility for learning and self-development.
▪ Being able to identify common attack techniques within the context of specific technologies.
▪ Working knowledge of networking protocols/technologies (e.g. TCP, IP, HTTP/HTTPS).
▪ Safely acquire and preserve the integrity of cyber security data required for incident analysis, to help determine whether further investigation is required.
▪ The Level 1 Analyst will be responsible for confirming that the incident is in fact a true positive requiring an investigation and potentially remediation or mitigation, then escalating incidents according to the defined process.
▪ Triage alerts and security incidents, and seek out potential security issues through log analysis and the use of tools such as SIEM, UEBA, EDR, etc.
▪ Ensure timely response to any cyber incident to minimize risk exposure and production downtime, including interacting with different technical teams and business areas where needed.
▪ Determine the type of support required and coordinate with the respective team or POC.
▪ Attend handover calls to support L2 in communicating the handover to the next shift.
▪ Recommend alerts for tuning to minimize false positives.
▪ Recommend or assist L2s/L3s with the creation or update of KBs, processes and runbooks.
Graduate