Security Operations Center Analyst

Avensys is a reputed global IT professional services company, and our service spectrum includes enterprise solution consulting, business intelligence, business process automation and managed services. And we service a client base across banking and financial services, insurance, information technology, healthcare, retail, and supply chain.

We are currently looking for the role of Security operation Center (Analyst)This is an exciting opportunity to expand your skill set, achieve job satisfaction and work-life balance. More details as below

Job Description

A Security Operations Center (SOC) Analyst is responsible for monitoring, detecting, analyzing, and responding to cybersecurity threats and incidents to protect an organization's IT infrastructure, data, and systems.

Below is a detailed job description for a SOC Analyst, covering key responsibilities, skills, qualifications, and tools typically involved:

Description: SOC Analyst

Overview

A SOC Analyst works within a Security Operations Center to safeguard an organization's digital assets by proactively monitoring networks, systems, and applications for security incidents.

They analyze potential threats, investigate alerts, and coordinate responses to mitigate risks, ensuring the organization's security posture is maintained.

Key Responsibilities

Monitoring and Threat Detection: Continuously monitor security information and event management (SIEM) systems, intrusion detection/prevention systems (IDS/IPS), firewalls, and other security tools for suspicious activities or anomalies.

Analyze security alerts to identify potential threats, such as malware, phishing, or unauthorized access attempts.

Use threat intelligence feeds to stay updated on emerging threats and vulnerabilities.

Incident Response: Investigate and triage security incidents to determine their scope, impact, and root cause.

Respond to incidents following established playbooks, escalating critical issues to senior analysts or incident response teams as needed.

Contain and mitigate threats, such as isolating compromised systems or blocking malicious IPs.

Log Analysis and Forensics: Analyze logs from various sources (e.g., servers, endpoints, cloud services) to identify indicators of compromise (IOCs).

Perform basic digital forensics to collect and preserve evidence for investigations.

Document findings and maintain detailed incident reports for compliance and auditing purposes.

Threat Hunting:

Proactively search for hidden threats or vulnerabilities within the network that may have evaded automated detection.

Use advanced techniques and tools to identify patterns of malicious behavior.

Collaboration and Communication:

Work closely with other SOC team members, IT staff, and external stakeholders to coordinate incident response and remediation efforts.Communicate findings and recommendations to technical and non-technical audiences, including management.

Participate in post-incident reviews to improve processes and prevent recurrence.

Maintenance and Optimization:

Tune SIEM rules and alerts to reduce false positives and improve detection accuracy.

Update and maintain security tools, ensuring they are configured correctly.

Assist in developing and refining SOC processes, procedures, and playbooks.

Compliance and Reporting:

Ensure adherence to regulatory requirements and industry standards (e.g., GDPR, HIPAA, PCI-DSS).Generate reports on security incidents, trends, and metrics for management and audits.