Who you are:We are actively seeking an experienced and highly skilled resource to join our elite cybersecurity team. In this role, you will play a critical part in shaping and implementing advanced security strategies to safeguard our organization against sophisticated cyber threats.What you'll do: Primary Responsibility:Working experience of 8+ YearsSOC Engineer would work closely with the SOC team and be responsible for SIEM engineering activities such as log source integration, Use case development and enhancement, Rule tuning, dashboard and report development, and Platform upgradation.Support the incident response team during an incident.Hands-on experience with configurations and management of SIEM tools(Qradar) including log source integrations, custom parser built, fine-tuning, and optimizing the correlation rules and use cases Is a MUST.Proven Experience with Security information and event management (SIEM) tools like QradarIdentify quick defense techniques till permanent resolution.Proven Experience with SOAR solutions like Qradar Resilient and developing workflows and playbooksRecognize successful intrusions and compromises by reviewing and analyzing relevant event detail information.Review incidents escalated by Level 1 analysts for rule tuning and use case enhancementLaunch and track investigations to resolution. Recognize attacks based on their signatures, and differentiates false positives from true intrusion attempts.Actively investigates the latest in security vulnerabilities, advisories, incidents, and penetration techniques and notifies end users when appropriate.Identify the gaps in the security environment & suggest the gap closureDrive & Support Change ManagementPerforms and reviews tasks as identified in a daily task list.Report Generation and Trend Analysis. Front-ending the governance meeting with the customer and walkthrough of the security status from SOC's perspective to the customer/stakeholders.Good to have hands-on experience with managing SIEM solutions on public/private clouds like Amazon AWS, Microsoft Azure, etc.Willing to work in a 24x7 rotational shift model including the night shift.KRA:Identify the security gaps and drive for closure through Change MgmtTo explore different security technologies available in the marketInstall Build, Test, and Configure SIEM related systemsMaintain security dashboardsCoordination with internal customers for their security-related problems and providing solutions.Documentation of security solutionsHandle L2 and above-level technical escalations from the Operations team and resolve them within SLA.Work closely with L1 team members to provide quick support & and escalation.Train other analysts in their roles and responsibilitiesDevelop and maintain the SOAR workflows and playbooksHow we'll help you grow:You'll have access to all the technical and management training courses you need to become the expert you want to be.Our team leads love to mentor in case of technical difficulty.You have the opportunity to work in many different areas to figure out what really excites you
