Description
• Experience in SIEM (Splunk) implementation
• Administration & support, use case development/enhancement
• Deep knowledge of threat hunting methodology
• Log source administration/monitoring, content development, correlation rule creation/modification/review
• Supports the development of cyber crisis management playbooks, runbooks and plans to ensure effective response during a significant event.
• The SOC L2/L3 Analyst will be involved in the incident response program, which aligns with the enterprise incident management framework and includes incident detection, analysis, containment, eradication, recovery, and the collection of forensic artifacts required for additional investigations.
• Hands-on experience finding and responding to advanced persistent threats (APT) in a global network setting
• Change agent with the ability to drive accountability & outcomes across a diverse threat landscape
• Good-to-have certifications: CCNA, CEH, CISSP & SIEM vendor certifications
• Good understanding of vulnerabilities, threats, risks, compliance and other aspects of security governance
• Reviewing security alerts & reports to ensure quality and accuracy is part of the job for SOC analysts.
• Experience in setting up SOAR platforms and defining playbooks
• Understand cyber-attack methods, perform analysis of security logs to detect/uncover and respond to cyber security threats, and provide daily reports to management/CXO