L3 SOC Analyst
Experience: 7+ years
Location: Hyderabad/Trivandrum/Kochi/Bangalore/Chennai
Company: CyberProof, A UST Company
CyberProof is seeking a SOC L3 Engineer who will be part of our growing Global Operations & Delivery team, which monitors, investigates, and resolves security incidents, violations, and suspicious activities. Our global Operations group takes innovative approaches and uses cutting-edge technologies to transform our customers' security operations and strengthen their security posture.
Main Responsibilities:
· Act as an escalation point for high and critical severity security incidents, and conduct thorough investigations to determine potential impact and understand the extent of compromise
· Analyse attack patterns and Tactics, Techniques and Procedures (TTPs) to identify attack methods and the attack life cycle
· Provide recommendations on issue resolution activities such as security controls policy configuration changes and security hygiene improvement
· Provide guidance on mitigating risks associated with security vulnerabilities
· Hunt for Indicators of Compromise (IOCs) and signs of Advanced Persistent Threats (APTs) within the Client’s environment
· Conduct threat hunting by means of in-depth log analysis to identify potential threats that may have evaded automated detection
· Conduct analysis to gather evidence, validate root cause and determine the extent of compromise, leveraging the Client’s security toolset
· Identify gaps and weaknesses in existing security processes and propose enhancements to improve Client’s established incident response methodologies
· Collaborate with cross-functional teams to ensure end-to-end management of the security incident lifecycle
· Document and update incident response processes, define outcomes for future references and drive continuous improvement
· Participate in regular team meetings, Incident Response war room discussions and executive briefing sessions.
Requirements:
· Minimum 2+ years of experience as a SOC L3 Analyst working as part of a Global SOC team
· Resolve, escalate, report, and raise recommendations for resolving and remediating security incidents.
· Be an escalation point for investigations of clients and suggest optimization activities to improve their performance.
· Proactively monitor and review threats and suspicious events from customers participating in the service.
· Handle the advanced monitoring of system logs, SIEM tools, and network traffic for unusual or suspicious activity.
· Set up SIEM solutions and troubleshoot connectivity issues.
· Investigate and resolve security violations by providing post-mortem analysis to illuminate issues and possible solutions.
· Collate security incident and event data to produce monthly exception and management reports.
· Report unresolved network security exposure, misuse of resources, or noncompliance situations using defined escalation processes.
· Assist and train team members in the use of security tools, the preparation of security reports, and the resolution of security issues.
· Develop and maintain documentation for security systems and procedures.
· Experience in handling Linux servers; familiar with the Linux OS and its commands
· Maintain excellent customer satisfaction through professional, proactive and personal service.
· Experience with SIEM vendors such as QRadar, ArcSight, RSA, and LogRhythm
· Experience in incident response, and in writing procedures, runbooks and playbooks
· Ability to work with customer’s IT and security teams