Team lead-soc

Posted: Dec. 22, 2022, 5:53 a.m. - Full Time - Ahmedabad

Security Utilize state of the art technologies such as host forensics tools (FTK/Encase), Endpoint

Detection & Response tools, log analysis (Sentinel) and network forensics (full packet capture

solution) to perform hunt and investigative activity to examine endpoint and network-based

data

· Conduct malware analysis, host and network, forensics, log analysis, and triage in support of

incident response

· Recognize attacker and APT activity, tactics, and procedures as indicators of compromise (IOCs)

that can be used to improve monitoring, analysis, and incident response

· Develop and build security content, scripts, tools, or methods to enhance the incident

investigation processes

· Lead Incident Response activities and mentor junior staff

· Work with key stakeholders to implement remediation plans in response to incidents

· Effectively investigative and identify root cause findings then communicate findings to

stakeholders including technical staff, and leadership

· Author Standard Operating Procedures (SOPs) and training documentation when needed

· Generates end-of-shift reports for documentation and knowledge transfer to subsequent

analysts on duty

· Should be comfortable to be part of 24*7 SOC services.

Minimum 5-8 years in an Incident Responder/Handler role · Strong experience in SIEM (Security Incident and Event Monitoring) processes and Products (e.g., Microsoft Sentinel, Splunk etc.) · Full understanding of Tier 1 responsibilities/duties and how the duties feed into Tier 2. The ability to take lead on incident research when appropriate and be able to mentor junior analysts · Advanced knowledge of TCP/IP protocols · Knowledge of Windows, Linux operating systems · Knowledge of Intrusion Detection Systems (IDS) and SIEM technologies; Splunk or Sentinel experience · Deep packet and log analysis · Some Forensic and Malware Analysis · Cyber Threat and Intelligence gathering and analysis · Bachelor’s degree or equivalent experience · Knowledge and experience with scripting and programming (Python, PERL, etc.) are also highly preferred · Process improvement, project management, ISO, six sigma certifications are preferred