- Location
- Bengaluru, Karnataka, India
- Job type
- Full-time
About the role
Qualitest
Website:
qualitestgroup.com
Job details:
- Description:
- Acknowledge, analyse, and validate incidents triggered from correlated events through SIEM solution
- Acknowledge, analyse, and validate incidents received through other reporting mechanisms such as email, phone calls, management directions, etc.
- Collection of necessary logs that could help in the incident containment and security investigation
- Escalate validated and confirmed incidents to SOC Lead
- Undertake first stages of false positive and false negative analysis
- Understand the structure and the meaning of logs from different log sources such as FW, IDS, Windows DC, Cisco appliances, AV and antimalware software, email security etc.
- Open incidents in ITSM Platform to report the alarms triggered or threats detected.
- Analyst should properly include for each incident on SIEM all details related to the logs, alarms and other indicators identified in accordance with the intervention protocol and the SLA.
- Track and update incidents and requests based on client’s updates and analysis results
- Report infrastructure issues to the IT support team.
- Other duties related to the position
Essential Skills
- Knowledge and hands-on experience in the management of McAfee EDR, CrowdStrike, ENS, DLP, CASB and other security products
- Experience in Security Information Event Management (SIEM) tools like LogRhythm and McAfee, creation of basic co-relation rules, and administration of SIEM
- Should have expertise on TCP/IP network traffic and event log analysis
- Knowledge of ITIL disciplines such as Incident, Problem and Change Management
- Expectations:
- Exp 0 - 4 years SOC Engineer will be responsible for monitoring, reporting, and escalating events to our SOC Manager.
- The primary function of this position is to monitor the analytics tools, perform alert management, and initial incident qualification.
- This role reports to the SOC Manager.
- Bachelor’s degree with CEH certification
- Joining time / Notice Period: Immediate joining
- Shift Timings: Rotational Shifts (100% working from Bangalore office)
3 must haves
- SIEM 4/5
- Networking 4/5
- ITSM 3/5