Product knowledge valued: Securonix, QRadar, Palo Alto SOAR, Cyware TI.
Perform monitoring and analysis of cyber security events using Securonix / QRadar (SIEM), Cyware TI, Palo Alto SOAR and other tools.
Provide analysis and trending of security log data from a large number of heterogeneous IT security devices
Provide Incident Response (IR) support when analysis confirms an actionable incident
Provide threat and vulnerability analysis as well as security advisory services
Analyze and respond to previously undisclosed software and hardware vulnerabilities
Investigate, document, and report on information security issues and emerging trends
Integrate and share information with other analysts and other teams
Other tasks and responsibilities as assigned
Assist Entry-Level SOC analysts to help them build stronger skills
This position will float to cover various work schedules and perform monitoring duties when there are shift staffing shortages
Assist Team Leads with reporting, projects, administrative work as needed
Review SOC Analyst ticket queue, review tickets, closure or reassignment as needed
Create, review and modify documentation (including any process or procedure) as needed to keep it current and standardized
Update the Whiteboard or any relevant POC information
Maintain and own the SOC mailbox: open outage tickets, and ensure there are no untriaged emails or vulnerability managers waiting for a callback
Change management calendar updates/closures
Monthly SOC Reports
Answer incoming SOC phone calls and triage calls that are not related to monitoring
Create daily Shift Handoff notes and summary and send to all shifts
SOC White Board daily/weekly updates
Other duties as assigned by Team Leads and/or Operations Manager
Integrate PCAP and NBA (network behaviour analysis) solutions and perform detailed investigation of network packet captures.
Working knowledge of big data platforms and SQL queries.
Write rules to implement detections
Develop custom parsers for logs from different sources, including firewalls, operating systems and applications
Integrate various log sources, including switches, routers, firewalls, servers, applications and databases
Implement use cases and log management
Create workbooks to implement dashboards and apps
Follow up with the client on ticket closure and on any enhancements to existing cyber security measures.
The job also involves identifying potential threats and enhancing existing cyber security measures in line with specifications or policy guidelines.
When a security incident is declared, execute the incident response process and document it.
Good understanding of the TCP/IP and UDP protocols
Good understanding of general security products and controls
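The parser and detection-rule duties above are easier to judge with a concrete instance. The following is an added example, not code from the posting or from any of the named products: a small custom parser for a constructed, syslog-like firewall log format, and one detection rule of the kind a SIEM use case encodes (a source that is denied to several distinct ports on one host within a short window). The log format, field names, the five-port threshold and the one-minute window are all assumptions chosen for illustration, not any vendor's real schema.

```python
"""Added example (not from the job posting): a minimal custom parser for a
constructed firewall log format plus one detection rule of the kind a SIEM
use case would encode. The log format, field names and the thresholds below
are assumptions chosen for illustration, not any vendor's real schema."""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log lines (hypothetical, loosely syslog-like format).
# The last line is deliberately malformed to show the parser's failure path.
SAMPLE_LOGS = """\
2024-05-01T10:00:01Z fw01 action=DENY src=10.1.1.5 dst=10.2.0.9 dport=22 proto=TCP
2024-05-01T10:00:02Z fw01 action=DENY src=10.1.1.5 dst=10.2.0.9 dport=23 proto=TCP
2024-05-01T10:00:03Z fw01 action=DENY src=10.1.1.5 dst=10.2.0.9 dport=80 proto=TCP
2024-05-01T10:00:04Z fw01 action=DENY src=10.1.1.5 dst=10.2.0.9 dport=443 proto=TCP
2024-05-01T10:00:05Z fw01 action=DENY src=10.1.1.5 dst=10.2.0.9 dport=3389 proto=TCP
2024-05-01T10:00:06Z fw01 action=ALLOW src=10.1.1.7 dst=10.2.0.9 dport=443 proto=TCP
2024-05-01T10:00:07Z fw01 action=DENY src=10.1.1.8 dst=10.2.0.9 dport=445 proto=TCP
2024-05-01T10:15:00Z fw01 action=DENY src=10.1.1.8 dst=10.2.0.9 dport=139 proto=TCP
this line is garbage and must not crash the parser
"""

# Assumed line layout: "<ts> <host> action=<A> src=<ip> dst=<ip> dport=<n> proto=<p>"
LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) action=(?P<action>\w+) src=(?P<src>[\d.]+) "
    r"dst=(?P<dst>[\d.]+) dport=(?P<dport>\d+) proto=(?P<proto>\w+)$"
)


def parse_line(line):
    """Return a normalized event dict, or None for lines that do not match."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    ev = m.groupdict()
    ev["ts"] = datetime.strptime(ev["ts"], "%Y-%m-%dT%H:%M:%SZ")
    ev["dport"] = int(ev["dport"])
    return ev


def parse_logs(text):
    """Parse every non-empty line; return (events, number_of_unparsed_lines)."""
    events, dropped = [], 0
    for line in text.splitlines():
        if not line.strip():
            continue
        ev = parse_line(line)
        if ev is None:
            dropped += 1  # count unparsed lines instead of silently losing them
        else:
            events.append(ev)
    return events, dropped


def detect_port_sweeps(events, min_ports=5, window=timedelta(minutes=1)):
    """Rule: one source denied to >= min_ports distinct destination ports on
    the same destination within `window` -> one finding per (src, dst) pair."""
    findings = []
    by_pair = defaultdict(list)
    for ev in events:
        if ev["action"] == "DENY":
            by_pair[(ev["src"], ev["dst"])].append(ev)
    for (src, dst), evs in by_pair.items():
        evs.sort(key=lambda e: e["ts"])
        for i, first in enumerate(evs):
            # sliding window anchored at each deny event in turn
            ports = {e["dport"] for e in evs[i:] if e["ts"] - first["ts"] <= window}
            if len(ports) >= min_ports:
                findings.append({"src": src, "dst": dst, "ports": sorted(ports),
                                 "first_seen": first["ts"]})
                break  # one finding per pair is enough to raise a ticket
    return findings


if __name__ == "__main__":
    evs, dropped = parse_logs(SAMPLE_LOGS)
    print(f"parsed {len(evs)} events, dropped {dropped} unparsed line(s)")
    for f in detect_port_sweeps(evs):
        print(f"port sweep: {f['src']} -> {f['dst']} ports={f['ports']} "
              f"first seen {f['first_seen'].isoformat()}")
```

Two design points carry over to real SIEM parsers and rules: unparsed lines are counted rather than dropped silently, because a rising parse-failure count is often the first sign that a log source changed its format; and the rule keys on distinct destination ports within a time window rather than a raw event count, so a single noisy but legitimate retry does not trip it while the 10.1.1.8 source, denied only twice and fifteen minutes apart, stays below threshold.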