IN-AssociateSOCCyber as a ServiceAdvisoryMumbai

Job Description &Summary:.We areseekinga professional to join our Cybersecurity and Privacy services team where you will have the opportunity to help clients implement effective cybersecurity programs that protect against threats drive transformation and foster growth. As companies increasingly adopt digital business models the generation and sharing of data among organizations partners and customers multiply. We play a crucial role in ensuring that our clients are protected by developing transformation strategies focused on security efficiently integrating and managing new or existing technology systems and enhancing their cybersecurity investments.

Responsibilities:

Responsible forinitialor secondary triage of security incidentsidentifiedby internal controls or external SOC partners

• Proficient in Threat Research and understands the latest malware trends common attack TTPs and the general threat landscape

• Proficient in Incident Response and automation workflows as it relates to Security Operations

• Demonstrates ability to author content using a variety of query languages as well as scripting for event enrichment and investigation

• Detectsidentifies and responds to cyber events threats securityrisksand vulnerabilities in line with cyber security policies and procedures

• Conducts threat hunting and analysis using various toolsets based on intelligence gathered

• Responsible for documenting the incident life cycle conducting handoffsescalation and providing support during cyber incidents

• Create detailed Incident Reports and contribute to lessons learned in collaboration with the team

• Works with vulnerability management resources to uncover and prioritize potential risks and makes specific recommendations to reduce the threat landscape and minimize risk

• Works with leadership and the engineering team to improve and expand available toolsets when warranted

• are critical for the role

Required Qualifications

Skills

• Experience with one or more Security Information and Event Management (SIEM) solutions

• Understanding of common Attack methods and their SIEM signatures

• Experience in security monitoring Incident Response (IR) security tools configuration and security remediation

• Strong knowledge and experience in Security Event Analysis capability

• Understanding ofnetwork protocols (TCP/IP stack SSL/TLS IPSEC SMTP/IMAP FTPHTTPetc.)

• Understanding of Operating System Web Server database and Security devices (firewall/NIDS/NIPS) logs and log formats

• Understanding of String Parsing and Regular Expressions

• Strong analytical and problem-solving skills

• High levelof personal integrity and the ability to professionally handle confidential matters and showan appropriate levelof judgment and maturity

• Ability to interact effectively at all levels with sensitivity to cultural diversity

• Ability to adapt as the external environment and organization evolves

• Passionate about Cybersecurity domain and has the inclination to learn current technologies / concepts / improvements

• Excellent in security incident handling documentation root cause analysis troubleshooting and publishing post-Incident Reports.

• Strong experience with cyber security in the domains of cyber threat intelligence and analysis securitymonitoringand incident response

• Experience of network and system vulnerabilities malware networkingprotocolsand attack methods to exploit vulnerabilities

• Knowledge of cyber security frameworks and attack methodologies

• Experience working with EDRs Proxies and anti-virus

• Knowledge of intrusion detection methodologies and techniques for detecting host- and network-based intrusions via intrusion detection technologies

• Excellent verbal and written English communication skills

Experience

• More than 4-6 years of experiencein Enterprise Cybersecurity or with a reputed services/consulting firm offering Security Consulting Implementation and Managed Security services

• More than 4 years of technical experience in Security Operations Center (SOC) and Information Security

• Experience with one or more Security Information and Event Management (SIEM) solutions

Mandatory skill sets:

Tools

• Email Security: Proofpoint Abnormal Security M365 Defender

• SOAR: Palo Alto XSOAR

• SIEM: Splunk

• Firewall: Palo Alto

• EDR:Crowdstrike

• Other tools: Darktrace and M365 Defender

• Certifications like CEH CHFIEnCEor ECIHisbare minimum.

Preferred skill sets:

• Certifications like CEH CHFIEnCEor ECIHisbare minimum.

Years of experience:

2-7Years

Education qualification:

/MCA/MBA with IT background/Bachelors degree in Information Technology Cybersecurity Computer Science