Security Architect

Project Role :

Security Architect

Project Role Description :

Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.

Must have skills :

Security Information and Event Management (SIEM)

Good to have skills :

NA

Minimum 2 Year(s) Of Experience Is Required

Educational Qualification :

15 years full time educationSummary: As an L1 SOC Analyst you are the first line of defense in monitoring and triaging security alerts. You will work primarily with Splunk SIEM and Sentinal One EDR to identify potential security incidents, validate alerts, and escalate them according to the defined SOPs. You will ensure real-time visibility and log health while flagging suspicious activity promptly. This role is essential to ensuring timely detection and reduce noise from false positives. Roles & Responsibilities: --Basic Security Knowledge: Understanding of key concepts (malware, phishing, brute force, etc.) -SIEM Familiarity: Exposure to Splunk UI and understanding how to read/query logs -Exposure to CrowdStrike Falcon Console: Ability to view and interpret endpoint alerts -Alert Triage: Ability to differentiate between false positives and real threats -Alert Triage & Investigation: Experience investigating escalated alerts using SIEM or EDR -Hands-on experience with CrowdStrike EDR investigations -Ticketing Systems: Familiarity with platforms like JIRA, ServiceNow, or similar -Basic understanding of cybersecurity fundamentals -Good analytical and triage skills -Basic Scripting: Awareness of PowerShell or Python for log parsing -SOAR Exposure: Familiarity with automated triage workflows -Security Certifications: Security+, Microsoft SC-900, or similar certification -Operating System Basics: Windows and Linux process and file system awareness -Monitor real-time alerts and dashboards in Splunk SIEM -Perform initial triage on alerts and determine severity/priority -Escalate validated security incidents to L2 analysts per defined SOPs -Follow pre-defined SOAR playbooks to document or assist in response -Ensure alert enrichment fields are populated (host info, user details, etc.) -Conduct basic log searches to support alert analysis -Perform daily health checks on log sources and ingestion pipelines -Maintain accurate ticket documentation for each alert handled -Participate in shift handovers and team sync-ups for awareness Professional & Technical Skills: -SIEM: Basic log searching, correlation rule awareness -SOAR: Familiarity with playbook execution- -Security Concepts: Basic understanding of malware, phishing, brute force -Tools: Sentinal One EDR, Splunk SIEM Additional Information: - The candidate should have minimum 2 years of experience in Security Information and Event Management (SIEM). - This position is based at our Gurugram office. - A 15 years full time education is required.