Senior Role - Global Security Operation Centre

Global Security Operation Center (GSOC)

JOB DESCRIPTION

ROLE And RESPONSIBILTY - SHIFT LEAD (Monitoring And Alerting)

- Actively monitoring, analysing & escalating SIEM alerts based on correlation rules,

- Email protection alerts & malware analysis,

- Provide inputs for proactive content fine tuning & use case enablement,

 - Active threat hunting on network flow, user behaviour & threat intelligence,

- Phishing email analysis for MFs.

REQUIREMENT  Experience - 3 to 9 years

 Technical Skills:

- Candidate should have advance level domain knowledge (Cyber Security), Threat Hunting, SIEM - Azure Sentinel, SIEM - (RSA / Splunk / LogRhythm), Python Scripting,

- Ability to Comprehend Logs (HTTP, SMTP, Network), Windows Active Directory, Operating systems and servers, Organizes Technical Sessions / Talks.

- Candidate should have ability to manage P1 /P2s Incidents through its lifecycle- Incident Handling.

- Candidate should have ability to create /update playbooks- Incident Response Playbooks.

 Vendor Specific-

- Candidate should have intermediate level understanding of ATP, EDR, API Security, Identity Management

 Standards and Frameworks-

- Candidate should be able to assess MITRE ATT&CK & NIST 800-61R2

- Candidate should be familiar with NIST 800-53

- Candidate should have ability to apply OWASP

 Communication Level

- Customers (Emails only)

- Direct Customer calls (on Hotline)

- Engagement with L3 (UK Team)

 Role independence - This role involves leading the shift & the team

 Mandatory Trainings and certifications (Anyone)

- CEH with Practical

- CSA (Certified SoC Analyst)

- OSCP

- AZ -500

SELECTION PROCESS

 Candidates should expect 2 - 3 rounds of personal or telephonic interviews to assess fitment and communication skills CRITERIA

CRITERIA

Education 60% above throughout academics, One 3 years (at least) regular course is must either Diploma or Graduation/Degree, 24- 7 working environment