SOC-Analyst

Location:

• Use SIEM and EDR tools to continuously monitor system alerts and network traffic.
• Identify suspicious activities and indicators of compromise (IoCs).

Incident Handling

• Perform initial triage of alerts and determine severity levels.
• Escalate incidents with clear documentation and context.

Threat Investigation

• Investigate alerts for root causes and determine actionable steps.
• Analyze phishing attempts, flagged URLs, and suspicious file attachments.

Documentation & Reporting

• Maintain detailed incident logs and generate regular security activity reports.
• Assist in creating playbooks and refining response workflows.

Collaboration

• Work with IT teams to remediate vulnerabilities and support compliance audits.
• Participate in war-room discussions during critical incidents.

Analytical Thinking

• Root cause analysis for distinguishing false positives from genuine threats.
• Ability to correlate data from diverse sources to identify complex attack vectors.

Threat Intelligence Integration

• Leverage threat intelligence feeds to compare alerts with known signatures.
• Identify emerging threats and communicate insights to senior analysts.

Technical Expertise

• Hands-on experience with SIEM platforms (e.g., Splunk, QRadar) and EDR tools (e.g., CrowdStrike, Carbon Black).
• Basic scripting knowledge for automating repetitive SOC tasks.

Adaptability & Learning

• Stay updated on the latest cyber threats, tools, and techniques.
• Contribute to continuous improvement of SOC processes and detection capabilities.

Interpersonal Skills

• Strong communication skills for effective coordination with cross-functional teams.
• Mentorship of junior team members to foster team growth and resilience.

Qualifications:

• Tech degree or equivalent (B. Tech/MCA/BCA/M.Tech)]

Required Key Skills

• Familiarity with SIEM platforms (Splunk, Azure Sentinel) and EDR tools (Microsoft Defender, Sentinel One).
• Basic understanding of IDS/IPS, vulnerability scanning tools (Nessus, Qualys), and packet analysis tools (Wireshark).
• Firewalls and Network Security
• Solid understanding of TCP/IP, DNS, DHCP, ARP, HTTP/HTTPS, and other protocols.
• Knowledge of packet capture and analysis tools like Wireshark or tcpdump.
• Operating Systems
• Windows: Event logs, registry analysis, PowerShell basics.
• Linux/Unix: Command-line utilities, syslogs, and basic shell scripting.( Bash , Python, etc )
• Active Directory (AD)
• Vulnerability Management
• Basic understanding of vulnerability scanning tools like Nessus, Qualys, or OpenVAS.
• Knowledge of collecting and analyzing evidence (e.g., memory dumps, disk images).

Certification: -

• Mandatory:

  Certified Ethical Hacker (CEH)

• Preferred: CompTIA Security+, Certified SOC Analyst (CSA), or GSEC.

Communication Skills:

• Strong communication and documentation skills, with the ability to work collaboratively with other teams.

Problem-Solving Ability

• Strong analytical and troubleshooting skills to address complex security incidents effectively.

Shift Flexibility:-

• Willingness to work in shifts, including weekends and off-hours if required.

__________________________________________________________________________________