· Hands-on experience providing operational SOC support, performing L2/L3 analysis of logged SOC alerts. SIEM tool: Splunk.
· Experience in SIEM (Splunk) setup and implementation on different platforms such as Linux, Windows and cloud.
· Administration and support: use case development/enhancement, log source administration/monitoring, content development, correlation rule creation/modification/review.
· Supports the development of cyber crisis management playbooks, runbooks and plans to ensure effective response during a significant event.
· The SOC L2/L3 Analyst will be involved in the incident response program, which aligns with the enterprise incident management framework and covers incident detection, analysis, containment, eradication, recovery, and the collection of forensic artifacts required for additional investigations.
· Hands-on experience finding and responding to advanced persistent threat (APT) attacks in a global network setting.
· Change agent with the ability to drive accountability and outcomes across a diverse threat landscape.
· Ensure delivery compliance with the SOW and adherence to service levels; standardize the service delivery framework across multiple accounts.

Essential Technology Skills: Security Operations Center (SOC), SIEM (Splunk)
· Experience with SOC incident response and management, including 24x7x365 continuous monitoring, detection and analysis of potential intrusions in real time; detailed knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits.
· Experience with attacks and mitigation methods, with hands-on experience in two or more of the following: network protocols and secure network design; operating system internals and hardening (e.g. Windows, Linux, iOS, Android); web application and browser security assessments and penetration testing.