Job Role: Security Operations Centre( SOC)

Mandatory Skills:

•  SIEM – Qradar (Preferable QRadar Certified  FundamentalAdministration)
•  CEH/CCNA Security/ CompTIA Security+
•  ITIL v3 Certification

General IT Skills:

• Complete knowledge of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise Anti-Virus products
• Network administration and troubleshooting knowledge (Routing/Switching)
• Security administration and troubleshooting knowledge of IPS/IDS, WAF, DDoS, Spam, Proxy etc.,
• System administration and troubleshooting knowledge (Windows/Linux)
• Programming knowledge – Python, Perl

• Reviews the latest alerts to determine relevancy and urgency
• Monitor, identify, analyse and investigate all response activities related to cybersecurity incidents
• Creates new trouble tickets for alerts that signal an incident and require Tier 1 / Incident Response review
• Respond to cybersecurity incidents, conduct threat analysis as directed and address detected incidents for resolution
• Evaluate event flows to identify common risks and vulnerabilities to develop and implement solutions
• Should be able do multitasking to coordinate incident with manager
• Recommend enhancements to SOC security process, Operations efficiencies.
• Expertise to Preparing customised Reports using SIEM Tool
• Assist with security audits, risk analysis, network forensics and penetration testing
• Participate in evaluating, recommending, implementing, and troubleshooting security solutions and evaluating IT security of the new IT Infrastructure systems.
• Staying up-to-date with emerging security threats including applicable regulatory security requirements.
• Strong understanding of security incident management, malware management and vulnerability management processes