Senior Role - Global Security Operation Centre (3-9 yrs)
Global Security Operation Center (GSOC)
ROLE AND RESPONSIBILITY - SHIFT LEAD (Monitoring and Alerting)
- Actively monitor, analyse and escalate SIEM alerts raised by correlation rules
- Handle email-protection alerts and perform malware analysis
- Provide input for proactive content fine-tuning and new use-case enablement
- Perform active threat hunting across network flows, user behaviour and threat intelligence
- Phishing email analysis for MFs
REQUIREMENT - Experience: 3 to 9 years
- Advanced-level domain knowledge of cyber security and threat hunting; SIEM experience with Azure Sentinel and with at least one of RSA / Splunk / LogRhythm; Python scripting
- Ability to read and interpret logs (HTTP, SMTP, network), plus working knowledge of Windows Active Directory, operating systems and servers; organises technical sessions / talks
- Ability to manage P1/P2 incidents through their full lifecycle (incident handling)
- Ability to create and update incident response playbooks
- Intermediate-level understanding of ATP, EDR, API security and identity management
Standards and Frameworks-
- Able to map incidents to MITRE ATT&CK and apply NIST SP 800-61 Rev. 2 (incident handling)
- Familiar with NIST SP 800-53
- Able to apply OWASP guidance
Stakeholder Interaction-
- Customers (email only)
- Direct customer calls (on the hotline)
- Engagement with the L3 team (UK)
Role independence - This role involves leading the shift and the team
Mandatory Trainings and Certifications (any one)
- CEH (Practical)
- CSA (Certified SOC Analyst)
- AZ-500
Candidates should expect 2 to 3 rounds of in-person or telephonic interviews to assess fit and communication skills.
CRITERIA
- Education: 60% or above throughout academics; at least one regular 3-year course (Diploma or Graduation/Degree) is a must
- 24x7 working environment (shift-based)