2 to 3 years of experience in Information Security, especially in a SOC environment
• Experience in SOC monitoring and working knowledge of any of the SIEM tools such as ArcSight, QRadar, Splunk (preferred), McAfee Nitro, AlienVault, etc.
• 24x7 active monitoring of security events using SIEM (based on standard operating procedure).
• CCNA / Security+ / Network+ / CEH certified / SIEM technology certified (optional) (ArcSight, QRadar, Splunk, McAfee Nitro).
• Analyst would monitor events and take appropriate action based on security policy.
• Generating & Reviewing reports to ensure quality and accuracy is a part of the job for SOC analysts.
• Knowledge of firewalls and intrusion detection systems is a plus for SOC analyst position.
• Understanding of common network services (web, mail, FTP, etc.), network vulnerabilities, and network attack patterns is a must.
• Strong analytical and problem-solving skills are needed to perform the job of a SOC analyst.
• Due to the nature of the business, the SOC analyst position covers all shifts 24/7.
• Understand cyber-attack methods, perform analysis of security logs to detect unauthorized behaviour, and provide daily reports to the Team Leader.
• Follow the SLAs and procedures already defined for security device management.
• Procedures and KB, known incident resolution, known error handling.
• Patch updates and signature management.
• Ability to communicate and listen effectively.
• Hands-on experience and ability to do root cause analysis, problem and capacity management.
• Inclination towards emerging technologies.