Designation: SOC L2
Location: Bengaluru
Experience: 4+ years
Qualification: Bachelor's Degree/Postgraduate
Job Code: JD2208370
Job Responsibilities:
• Perform monitoring, identification, investigation, documentation, resolution and reporting of security alerts through prioritization of events based on risk/exposure.
• Analyze Endpoint Detection and Response (EDR), Network, Cloud and other traffic and log data for potential threats or vulnerabilities.
• Generate tickets and incident reports for external clients and Tier 3 analysts.
• Remediate and apply lessons learned to security incident investigation and resolution.
• Develop processes that align with enterprise incident response activities and coordinate closely with other teams within the Security Operations Center.
• Investigate and prevent suspicious activities and content.
• Follow strict security and SOC guidelines and SOPs.
• Threat hunting, threat intelligence and deep investigation of alerts.
• Identify new use cases.
• Apply strong analytical skills to assess alerts.
• Integrate new logging sources and build playbooks to properly triage and respond to security incidents while reducing the time needed to analyze each event.
• Assess, design, and improve SOC processes and workflows with a focus on integrating automation through Security Orchestration, Automation and Response (SOAR) tools and technologies.
• Create custom content to enhance the capabilities of the Security Operations Center.
• Create custom analytics, dashboards, and reports.
• Respond to customer or Tier 1 analyst tickets within target objectives.
• Create new detection rules.
Qualifications:
• Proven SOC experience of at least 4-6 years.
• Understanding of Managed Security Services.
• Well versed with Incident Response Framework.
• Experience with Endpoint Detection and Response (EDR) tools.
• Experience with an industry leading SIEM technology (SIEM administration will be a plus).
• Understanding of key IT/Cybersecurity concepts (Network Security, Security Operations & Administration, Managed Detection and Response, Incident Response & Recovery, Vulnerability Management, etc.).
• Good interpersonal skills to interact with customers, team members and support personnel.
• Strong analytical and problem-solving skills for investigating security issues.
• Strong written and verbal communication skills.
• Ability to earn trust, maintain positive and professional relationships, and strengthen our culture of inclusion.
• Motivated self-starter.
• Willing to work 24x7 shifts on a rotational basis, office-based at the Bangalore location.