Dallas, TX, USA
Skills Required: 4+ years' experience for L2 and 8+ years for L3
• Knowledge of / experience with any SIEM tool (preferably Splunk) and SOAR tools (preferably Tines).
• Exposure to the MITRE framework or equivalent; hands-on experience with EDR platforms (CrowdStrike), threat analysis, threat hunting and incident response.
• Experience in analysing security incidents and responding to them in a methodical manner.
• Knowledge of network security, system security and endpoint security.
• Experience in event monitoring, analysis and escalation; provide inputs for content management.
• Experience with monthly, weekly and daily reporting.
• Willing to work on 24/7 operations.
• Review SIEM escalated incidents and qualify true positives
• Provide a monthly trend and security analysis summary report
• Provide SIEM event/Incident analytics support
• Provide log analysis summary and recommendations on detection/protection of incidents
• Perform advanced triage and work in collaboration with resolver groups, third parties or designated customer contacts
• Liaise between cross functional teams and assist in formulating security incident response report
• Advocate protection and mitigation strategies to be implemented from lessons learnt exercises
• Strong knowledge of operating systems, namely Windows, Linux and Mac
• Strong understanding of cyber security threats
• Knowledge of recent cyber security trends
• Experience in creating rules in SIEM
• Understanding of usage of AI in cyber security
Bachelor's degree