Roles and Responsibilities:
- Serve as an escalation point for all Threat Analysts on shift for complex/unusual alerts/cases/requests/incidents.
- Daily review of security alerts/logs with follow-up on any suspicious activity.
- Review cases escalated by Threat Analysts to investigate, respond and remediate; Ensure an effective flow of escalated cases; and Conduct quality assurance of cases.
- Mentoring associate team members and contribute to streamlining SOC operations for continuous
improvement.
- To ensure an escalate flow of Incident Management System; Assist the team in developing the incident
Response strategy and then creating and assigning response actions to Threat Analysts as needed;
- Perform manual investigation of network and hosts/endpoints for malicious activity, to include analysis of packet
captures, and assist in efforts to detect, confirm, contain, remediate, and recover from attacks basis on standard threat hypothesis or custom basis on customer environment
- Execute log audit review on integrated assets to ensure capture of right set of logs for effective threat detection
- Proactively monitor, identify, and analyse complex internal and external threats, including viruses, targeted attacks and unauthorized access, and mitigate risk to IT systems.
- Work in concert with team members, Information Security engineering, and relevant Subject Matter
- Experts to process, analyse and drive the remediation of identified IT related vulnerabilities Responsible to follow the IT Security Incident Response policies and tools.
- Contribute to Information Security policies, standards, and supporting documentation.
- Root cause analysis, troubleshoot complex issues with existing security and privacy protection protocols.
- Responding to inbound security monitoring alerts, emails, and inquiries from the organization.
- Providing support for Incident Response, including evidence collection, documentation, communications, and reporting.
- Maintaining and improving standard operating procedures and processes
- Responsible for onboarding the clients; both in cloud and on-prem
Mandatory Skills required for the role:
- Networking concepts
- Information security concepts
- Data Analysis
- Linux domain knowledge and troubleshooting
- Windows domain knowledge and troubleshooting
Educational Requirement (If any):
- Bachelor's degree in computer science, Information Technology, or a related field.
- MBA degree in Operations Management, Business Management or a related field.
Certifications (mandatory if any):
- Certified Ethical Hacking (CEH), Cisco Certified Network Associate (CCNA) etc or any Cybersecurity related certifications (Security + CompTIA)
- Any Cloud Certification would be added advantage
