- Responsible for handling the SIEM tools ManageEngine and SISA MDR for Security Incident and Event Management.
- Responsible for deploying, configuring, and generating reports using Event Log Analyzer.
- Responsible for searching logs for specific information in ManageEngine Event Analyzer.
- Responsible for adding devices and applications and getting their logs into Event Log Analyzer.
- Responsible for alert configuration.
- Following up with the Support team, raising SRF ticket IDs, and incident management.
- Responsible for creating SOC dashboards and updating them at regular intervals.
- Responsible for creating policies and running VA scans through the Nessus scan tool.
- Monitoring of SOC operations such as threat attacks, UDP floods, and TCP port scans.
- Maintains the asset inventory list for the SOC team for all desktops/laptops and servers, and ensures that the Windows operating system is genuine and has a licensed version.
- The Security Incident Responder is the first level of operator when a security incident occurs in the SOC. Any malicious attack, network bandwidth utilisation, network failover, power redundancy, router and switch downtime, firewall policy violations, etc. are recognised by the Analyst, who then reports to the different stakeholders in the SOC team.
- The SME should monitor and analyse the firewall through the FortiAnalyzer tool to get the top sources and top destinations, top websites consuming high bandwidth, top and critical-level threats, and unethical access to any unauthorised/restricted sites.
Required Experience:
Intern