SOC L2 - Juinagar

Reporting Structure

Program Lead – Cyber Defence Center

Education

University degree in the field of computer Science or IT or EXTC

Experience/ Qualifications

·4 to 6 years’ experience in SOC with good analysis skill and SIEM administration knowledge.

·Ready to work in 24X7 shift.

Industry

·Information Technology, BFSI, Fintech etc.

Responsibilities

·Hands on experience in SIEM (ArcSight, IBM QRADAR) admin activity.

·Perform troubleshooting part in SIEM.

·Analyst would be part of 24x7 Cyber Security Operations function to perform security monitoring and incident response, data loss prevention, vulnerability management, threat intelligence and threat hunting.

·Perform monitoring, research, assessment, and analysis on alerts from various security tools, including IDPS tools, SIEM, Anomaly detection systems, firewalls, antivirus systems, user behaviour analytics tools, endpoint inspection, and proxy devices.

·Follow pre-defined actions to investigate possible security incidents or perform incident response actions, including escalating to other support groups.

·Maintains standard operating procedures (SOP), processes and guidelines.

·Manage threat intelligence function encompassing threat intelligence feeds data collection, adversary analysis, cyber attribution capabilities and disseminating threat intelligence.

·Ensure proper functioning of systems in the Security Operations Centre.

·Enhance and Build Cyber threat detection use cases and assist in analysing & reducing false positive.

·Work with internal experts/external vendors to resolve technical issues.

·Prepare Incident Reports on high severity incidents.

·Support the development and enhancement of SOC incident response capabilities.

·Build and lead enhancements on incident response life cycle, security tools, SOAR playbook, IR runbooks and security processes for daily security operations.

·Respond to inbound Change Requests (CRs), Service Requests (SRs), Queries for handling Incident Management.

·Execute daily ad hoc tasks or lead projects as needed.

Preferred Certifications (Added Advantage)

·Preferred Cyber Security certifications (CTIA CISM, CEH, CCNA) or Certified Network Defender from EC Council

Job Location

·Juinagar, Navi Mumbai (WFO).

Employment

·All positions are on fixed term contract on a full-time basis exclusively for ReBIT, initially for a period of five years, extendable by mutual consent.