Soc analyst

Posted: Nov. 9, 2021, 2:44 a.m. - Full Time - Chennai

Job Description
We are building a Security Operations Center (SOC) in Chennai. Are you good at identifying & responding to security incidents, driving engineering efforts to minimize risk, and skilled at threat hunting? If yes, then come and join us at the AuriSEG SOC
As an SOC Analyst, you will work as part of AuriSEG Security Operations Center to be the first line of defense. You will use various defense tools to conduct analysis, identify security incidents and violations, help strengthen security controls and work with cross-functional teams with a customer-oriented approach to ensure that a secure workspace is provided to the AuriSEG workforce.
Required Skills :
• Experience 1 to 3 years
• Current SIEM experience/certifications would be a distinct advantage
• Knowledge of current security trends
• Knowledge of TCP/IP Protocols, network analysis, and network/security applications
• Knowledge of common Internet protocols and applications
• Basic knowledge of Windows server and Unix/Linux operating systems
• Strong experience in SIEM platform implementations
• Should have sound technical knowledge in SIEM platform components and applications
• Should have technical problem-solving skills in terms of logging, integration approach and project handling
•Should have good knowledge how infra and application security works in cloud platforms like Azure, AWS, Google, Oracle, etc.
• Should have hands-on incorporating logs or events or flows from cloud into SIEM tools
• Superior written and verbal communication skills, with a keen creative eye for details
• Good working knowledge in MS-Office
Responsibilities:
• Responsible for working in a 24x7 Security Operation Center (SOC) environment
• Working on L1/L2 task
• Work with the team in implementing SIEM solution
• Experience in wazuh/ELK and creating different types of Queries
• Responsible for integration of standard and non-standard logs in SIEM
• Proficient in Incident Management and Response, handling escalations
• Provide analysis and trending of security log data from a large number of heterogeneous security devices.
• Primarily responsible for security event monitoring, management and response
• Ensure incident identification, assessment, quantification, reporting, communication, mitigation and monitoring
• Perform threat management, threat modeling, identify threat vectors and develop use cases for security monitoring
• Creation of reports, dashboards, metrics for SOC operations and presentation
• Work on triage of alerts generated from SIEM and other related tools maintenance
• Manage security incidents and reporting on a timely basis
• Analyze and validate security threats and recommend appropriate countermeasures to minimize the associated risks
• Work with other teams to evaluate, implement and enhance security for infra, hybrid or cloud projects
• Implement and manage SIEM and other security tools
• Ability to handle high pressure situations
• Monitor and analyze logs and alerts from a variety of different technologies across multiple platforms in order to identify and mitigate security incidents affecting the enterprise. This includes analysis of logs from: IDS/IPS. Firewall. Proxies. Anti-virus and end-point protection. Servers and workstations. Cloud security technologies and devices.
• Utilize a variety of security tools and technologies to analyze potential threats to determine impact, scope, and recovery.
• Leverage network security tools and capabilities to support Cyber Threat Monitoring activities.