SOC L3 - IR/Engineering - Delhi/Manesar

Experience: 5+ years
Education: BE/B.Tech in an IT field, MCA, M.Tech or MS only

SOC L3 Operations:
- Hands-on experience with SIEM solutions (ArcSight, RSA, Splunk or QRadar).
- Proficient in incident management, incident analysis and response.
- Experience performing root cause analysis (RCA) for critical incidents.
- In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management and incident management.
- Responsible for monthly and quarterly report discussions with customers.
- Responsible for working in a 24x7 Security Operations Center (SOC) environment.
- Working-level knowledge of security solutions such as antivirus, firewall, IPS, email gateway, proxy and threat intelligence.
- Familiar with general networking concepts (IP addressing, protocols, ports) and the threats associated with them.
- Knowledge of and experience with different operating systems, basic knowledge of databases, and knowledge of cloud infrastructure devices.
- Provide analysis and trending of security log data from a large number of heterogeneous security devices.
- Provide threat and vulnerability analysis as well as security advisory services.
- Investigate, document and report on information security issues and emerging trends.
- Coordinate with intel analysts on open-source activities impacting SLTT governments.
- Knowledge of various operating system flavors, including but not limited to Windows, Linux and Unix.
- Knowledge of TCP/IP protocols, network analysis, and network/security applications.
- Communicate effectively by contributing significantly to the development and delivery of a variety of written and visual documents for diverse audiences.
- Knowledge of tools and areas such as SSL, packet analysis, HIPS/NIPS, network monitoring tools, Remedy, ticketing tools, web security, AV, UEBA and advanced SOC.

SOC L3 Engineer:
- Hands-on experience creating dashboards and reports as per client requirements, and automating reports.
- Good knowledge of building correlation rules, queries and log analysis.
- Fine-tuning of alerts based on false positives/true positives, taking customer input through regular engagement.
- Proficient in Linux commands; experience troubleshooting integrations with the SIEM.
- Hands-on experience with SIEM administration activities such as installing SIEM components, SIEM upgrades, integrations, backups, DC-DR tests, and troubleshooting in case of failures.
- Should understand the use of MITRE ATT&CK and make use of threat intelligence.
- Experience parsing logs.
- Able to perform SIEM health checks.
- Should be able to coordinate with vendor support on any P1/P2 issue as a priority and resolve it with them.
- Threat hunting ability is preferred.
- Willingness to upskill in related technology as per project needs.
- Problem-solving, logical and communication skills.
- Provide trending of security log data from heterogeneous security devices.
- Provide threat and vulnerability security advisories for integrated devices.
- Analyze and respond to previously undisclosed software and hardware vulnerabilities.
- Investigate, document and report on information security issues and emerging trends.
- Coordinate with intel analysts on open-source activities impacting SLTT governments.
Job Title
Security Operations Center Analyst