Security Operations Centre (SOC) Analyst

Job ID: 37
Location: Delhi NCR (Gurgaon)
Experience Required: 3 - 5 Yrs
Qualification Required: Any Graduate (Full Time) with IT Background

Responsibility:

  • Recognizes successful / potential intrusions and compromises through review and analysis of relevant event detail information.
  • Launch and track investigations to resolution. Recognizes attacks based on their signatures. Differentiates false positives from true intrusion attempts.
  • Respond in a timely manner (within documented SLA) to support, threat and other cases
  • Proactive monitoring for security threats and events
  • Developing correlation/content/use cases for Splunk/QRadar monitoring and incident triggers.
  • Alerts concerned stakeholders of intrusions and potential intrusions and compromises to their IT environment.
  • Ability to work on and provide remediation plans for security incidents.
  • Conduct vulnerability assessments and compliance scans for OS, network and web applications, and follow up on closure of identified gaps.
  • Provide recommendations and implement changes to optimize SIEM tool detection capabilities.

Required Technical Skill Set:

  • Security information and event management (SIEM) tools
  • Splunk/QRadar and vulnerability management (Nexpose).

Must-Have Technical Competencies:

  • 3-5 years of experience working in a SOC environment.
  • Hands-on experience with incident analysis and a deep understanding of Windows internals.
  • Good understanding of various attack methods, vulnerabilities, exploits, malware.
  • Ability to develop remediation plans based on organizational needs and priorities.
  • Excellent understanding of Splunk/QRadar SIEM Console
  • Good understanding of networking and network security technologies (IDS, Firewall, Anti-Virus, Web-Proxy, DLP, HIPS, Vulnerability tools).
  • Expertise and experience in conducting VAPT (Vulnerability Assessment and Penetration Testing) as per standards such as OWASP Top 10, SANS Top 25, WASC and NIST.
  • Deployment and working experience with the Rapid7 Nexpose vulnerability management tool.
  • Working knowledge and understanding of security compliance such as NIST and PCI-DSS.
  • Ability to maintain working relationships with diverse stakeholders
  • Should also have experience in developing content/use cases for Splunk/QRadar monitoring.
  • Demonstrated skill in troubleshooting - ability to provide resolution and/or workarounds to complex problems.
  • Ability to think analytically and understand dependencies in connected systems

Non-Technical:

  • Excellent written and oral communication skills.

Good-to-Have:

  • Scripting knowledge in PowerShell, general batch/shell scripting
  • Working knowledge of tools like IDS, Firewall, Anti-Virus, Web-Proxy, DLP, HIPS, Vulnerability tools (Nexpose)

Note: Interested candidates can send their CV to hiring.esrm@tcs.com. Please mention the Job ID when sharing your CV.