SOC Analyst

The role:

We are seeking a skilled and experienced Information Security Operations Specialist to join our Cyber Security Operations (SOC) team in Hyderabad, India.

The successful candidate will be responsible for ensuring the security of our organization’s computer systems, networks, and data. The Information Security Operations Specialist will also collaborate with other teams to identify and mitigate potential security risks and develop strategies to improve our overall security posture.

This is a great opportunity for a suitably experienced individual to directly influence and improve the security posture of the company.

Are you our next star player?

As an Information Security Operations Specialist, you will become a pivotal member of the team supporting the organisation’s cyber defence strategy. The Cyber Security team provides an exciting and challenging environment, using best of breed tools and methodologies to protect and strengthen the company’s IT platforms.

Why we need you

As an Information Security Operations Specialist, you will:

• Work in a shift pattern covering 24/7 operations.
• Act as the 1st line of defense for security related topics meeting security OLA’s for alert triage to detect and respond.
• Investigate and respond to security incidents, including data breaches and cyber-attacks.
• Provide log analysis to support open incident investigations.
• Identify and recommend useful automation & tuning opportunities on current use cases, along with recommending implementation of new relevant detective use cases to better cover the threat landscape.
• Support Junior SOC analysts during shifts where applicable.
• Research and propose implementation of new preventive security controls to improve the overall security posture of the organization.
• Develop and maintain operational processes and procedures.
• Participate in assigned internal security assessments or audits.
• Collaborate with other teams to identify and address potential security risks across the organization.
• Stay up to date with the latest security threats, trends, and technologies to ensure that the organization remains protected.

Who we’re looking for

An experienced IT professional capable of providing expertise on many of the aspects of cyber security.

Your experience & education:

• Bachelor’s or master’s degree in computer science, Information Technology, Network Security, Information Security, or a related field.
• Experience in cyber security, with demonstrated experience in security analysis, incident response, threat intelligence and threat hunting
• Experience with security tools such as IDS/IPS, SIEM, endpoint protection, proxy, cloud security and vulnerability scanners.

Your skills:

• Strong knowledge of security best practices, tools, and techniques.
• Demonstrated experience with security incident response, forensics, and threat hunting.
• Strong understanding of security technologies such as firewalls, intrusion detection and prevention systems, access control, encryption, and anti-virus/malware solutions.
• Strong ethical values, integrity, and a commitment to confidentiality.
• Strong analytical and excellent problem-solving skills.
• Excellent written and verbal technical & business communication skills (English).
• Ability to work effectively both independently and as part of a team.
• Strong sense of urgency and ability to work under pressure.
• Able to demonstrate how you have improved the overall security posture of an organization
• Excellent task management and planning skills.
• Great coaching and team-player skills.

Requirements:

• A keen interest in security and a strong desire to learn new technologies and a passion for information security.
• An excellent understanding of IT Security concepts.
• Strong understanding of:
  • Operating systems (Windows, MAC OS, Linux) at a filesystem level.
  • Fundamental internet protocols, services, and technologies (e.g.: HTTP/HTTPS, DNS, SMTP, SSH, LDAP, TCP/IP, UDP, ICMP, REST, JSON, etc.).
  • Common security controls (e.g.: proxies, firewalls, WAF, IDS/IPS, etc.).
  • Incident response and incident handling processes.
  • Endpoint and network-based investigations.
  • Log reviews for identifying evidence of past intrusions.
  • Operating system and application exploits.
  • Malware and exploit kit functionalities.
  • Lateral movement and persistence establishment mechanisms.
  • Detection of anomalous system activities.
  • Indicators use for the identification of scope and breadth of attacks.
• Industry certifications from vendors: GIAC, EC-Council, Cisco, ISC2, Juniper, CompTIA, ITIL, Microsoft, Unix, Oracle, etc.
  • (e.g.: CEH, GSEC, GCIH, GCIA, GCFA/GCFE, CISSP - or similar)
• Experience working with Cloud technologies including AWS & Azure – considered a plus.

Work schedule:

• Standard business hours Mon-Fri – (flexible)
  • + On-Call 24/7 rotation (1 week/analyst)