Role: SOC Analyst L2
Location: Mumbai, India
Will be part of the Cybersecurity Operations Center team, which is focused on creating detections against current and future cybersecurity threats.
Candidates should have 3-5 years of experience, including a minimum of 3 years in SOC operations and cyber incident response. The role requires collaborating with internal and external stakeholders, analysing incidents, and performing triage, analysis, investigation, and reporting. The candidate should have exposure to the cyber incident response process and an in-depth understanding of cyber-attacks and incident response.
- Perform threat hunting and investigate detected behaviours in depth when an incident is escalated by the SOC Level 1 analyst
- Add context to the incident to understand the behaviour, analysing data from multiple tools and data sources
- Participate in crisis management by providing support to the incident handler and the SOC Level 3 analysts
- Create reports and visualizations of security attacks
- Track trends for metrics and reporting
- Work on reducing false positives
- Maintain the detection rules database
- Assess the security impact of security alerts and traffic anomalies to identify malicious activity, take mitigating actions, and discuss findings with customers and internal teams
- Participate in recurring meetings with the customer as the technical referent
- Provide recommendations or workarounds to the customer to reduce business impact
- Lead and participate in the continuous improvement of the service (detection level, process, operational procedures, service efficiency, service reporting)
- Support the customer in the remediation of incidents
- Support the SOC manager in reporting on the activity
- Deliver value in Threat Intelligence: create situational awareness; integrate and fuse intelligence from different sources; proactively determine whether new sources are available; improve the intelligence capability
- Technical understanding of application, system, network, cloud, and infrastructure architecture
- Deep understanding of the logging mechanisms of Windows, Linux, and macOS platforms, and of networking
- Proficient programming and solution engineering skills: SIEM, log management, ticketing systems, workflow automation, scripting, network management
- Proficiency with any of the following: EDR, anti-virus, vulnerability management
- Rigorous and respectful of process; strong attention to detail
- Strong time management skills with the ability to multitask
- Information security and operations oriented mindset
- At least 3 years of experience in a Security Operations Centre (SOC)
- Good communication skills to coordinate among the various stakeholders of the organization
Cybernx was founded by a small group of entrepreneurs with big ideas, a lot of ambition, and extensive experience in uplifting and transforming other businesses. The Cybernx team has innovated and risen through the top positions to become one of the world's top cyber security companies.