Security Analyst L1

Job Purpose/Summary:

Experience with SIEM tool like PaloAlto XDR

Experience with SOAR tool like PaloAlto XSOAR

Experience with EDR tool like Crowdstrike

Knowledge of Splunk queries

Knowledge of assessing Incident severity classifying them and performing initial investigations to determine the scope and impact.

Good experience and exposure of Incident handling by established procedures and protocols to contain mitigate and resolve security incidents efficiently and effectively.

Capable of identifying fine tuning requirements to avoid false-positive alerts

Identify develop and propose enhancements to existing processes and operations

Ability to read and understand system data including security event logs system logs application logs and device logs

Expert in analyzing & correlating logs from various security tools

Demonstrate ability to react quickly & take decisions for high priority incident

Ability to analyze incidents independently form conclusions and present findings and recommendations to other analysts

Exposure to SOPs creation related to different process and incident investigation analysis

Ability to investigate malicious activity to understand nature of threat

Ability to Collaborate/Interact with different teams in SOC

Exposure in email analysis to categorize it as a Spam/Scam Malicious Legitimate

Personal skills:

Good Team player

Possess Positive and learning attitude

Good Verbal and Written communication skills

Sense of Ownership Priorities and Autonomous

Qualification :

Bachelors Degree in Computer Engineering Information Technology or any relevant certifications

Familiar with basic understanding of Malware TCP/UDP packets security tools such IDS/IPS web proxies SIEM DNS security DDoS protection firewalls

Key Responsibilities:

Experience with SIEM tool like PaloAlto XDR

Experience with SOAR tool like PaloAlto XSOAR

Experience with EDR tool like Crowdstrike

Knowledge of Splunk queries

Knowledge of assessing Incident severity classifying them and performing initial investigations to determine the scope and impact.

Good experience and exposure of Incident handling by established procedures and protocols to contain mitigate and resolve security incidents efficiently and effectively.

Capable of identifying fine tuning requirements to avoid false-positive alerts

Identify develop and propose enhancements to existing processes and operations

Ability to read and understand system data including security event logs system logs application logs and device logs

Expert in analyzing & correlating logs from various security tools

Demonstrate ability to react quickly & take decisions for high priority incident

Ability to analyze incidents independently form conclusions and present findings and recommendations to other analysts

Exposure to SOPs creation related to different process and incident investigation analysis

Ability to investigate malicious activity to understand nature of threat

Ability to Collaborate/Interact with different teams in SOC

Exposure in email analysis to categorize it as a Spam/Scam Malicious Legitimate