Who you are:We are actively seeking an experienced and highly skilled resource to join our elite cybersecurity team. In this role, you will play a critical part in shaping and implementing advanced security strategies to safeguard our organization against sophisticated cyber threats.What you'll do:Primary Responsibility:Work experience - 5+ YearsProactively lead and support incident response team during an incident.Experience in advance investigation, triaging, analysis and escalation of security incidents with recommendationsHands-on basic experience with configurations and management of SIEM tools(Qradar) including log source integrations, custom parser built, fine tuning and optimizing the correlation rules and use cases recommendations Is MUST.Proven Experience on any of the Security information and event management (SIEM) tools using QradarData-driven threat hunting using SIEM, EDR and XDR toolsBasic Experience is SOAR tools such as Qradar Resilient, PaloAlto XSOARIdentify quick defence techniques till permanent resolution.Recognize successful intrusions and compromises through review and analysis of relevant event detail information.Review incidents escalated by Level 1 analysts.Launch and track investigations to resolution. Recognize attacks based on their signatures, differentiates false positives from true intrusion attempts.Actively investigates the latest in security vulnerabilities, advisories, incidents, and penetration techniques and notifies end users when appropriate.Identify the gaps in security environment & suggest the gap closureDrive & Support Change ManagementPerforms and reviews tasks as identified in a daily task list.Report Generation and Trend Analysis. Participate in the Weekly and Monthly governance calls to support the SOC metrics reportingGood to have hands on experience with managing SIEM solutions on public/private clouds like Amazon AWS, Microsoft Azure, etc.Willing to work in 24x7 rotational shift model including night shift.KRA:Identify & investigate the security incidentsIdentify the security gaps and drive for closure through Change MgmtMonitor the security logs /alerts from various devices and escalate/investigate the incidentTo explore different security technologies available in the marketInstall Build, Test, and Configure SIEM related systemsMaintain security dashboardsCoordination with internal customers for their security related problems and providing solutions.Create and manage the SOPs, runbooks and Asset inventory with risk classificationHandle L2 and above level technical escalations from L1 Operations team and resolve within SLA.Work closely with L1 team members to provide quick support & escalation.Train other analysts in their role and responsibilitiesHow we'll help you grow:You'll have access to all the technical and management training courses you need to become the expert you want to be.Our team leads love to mentor in case of technical difficulty.You have the opportunity to work in many different areas to figure out what really excites you
