Security Operations Center Analyst

Required skills:

• 3-5 Years of Experience in SOC

• Familiarity and experience in implementation of or two SIEM products (LogRhythm, QRadar, SA, Sentinel, Arcsight etc).

• Install / configure / build / fine-tune the SIEM tools to setup an effective information security support

• Establish KPI, review & manage security logs and provide reports based on KPI and metrics.

• Hands-on knowledge of Correlation rules creation / Update / Deletion

• Familiarity of ITIL and ISO processes.

• Excellent communication and customer interaction

Key Responsibilities:

• Monitoring of security incidents in 24x7 rotational shifts.

• Provide support to the team for escalated incidents.

• Periodic review of events and standard reports and provide an analysis report.

• Define content and periodicity of reports.

• Customize processes and incident analysis procedures based on the new threats.

• Analyze unstructured threat intelligence reports and enhance correlation rules.

• Fine tune and add correlation rules as per Client environment changes and threat environment.

• Provide guidance to Security Analyst for creating the SOP to handle the alerts for new correlation rules.

Ensure ticket assignment / reassignment as per SLA