SOC Analyst

Role: - SOC Analyst

Location: - Frisco, TX (Day 1 Onsite- 3 days & 2 remote)

Full time hire

Skills Required

• 3+ years’ of experience in SOC L1+. Hands-on experience in 2 or more of the SIEM technologies & Security Event alert Analysis
• Min. 2-5 yrs. of experience in investigating alerts using SIEM to weed out FP – Splunk/SecureWorks XDR /Proofpoint TRAP, FortiSOC etc.
• Experience in using EDR Solution – CrowdStrike/Defender/Carbon Black/Mandiant/Sentinel One etc.
• Investigating Phishing/Spoofed Emails using solutions such as Proofpoint/MS etc.
• Understanding of Networking & Proxy (Firewall/Proxy) & SOAR concepts
• DDoS Alerts Investigation – Cloudflare/Arbor etc.
• Exposure to Mitre framework and equivalent, Hands-on experience in EDR platforms and threat analysis, threat hunting/incident response experience.
• Experience and knowledge in at least 3 Domains Network security/ System Security/ Endpoint Security/ Vulnerability Management / Application Security.
• Experience of Event Monitoring and analysis and escalations. Provide inputs for content management.
• Willing to work on 24/7 operations.
• Review XDR escalated event alerts and qualified true positives.
• Provide log analysis summary and recommendations on detection/protection of incidents
• Perform Event alert triages and work in collaboration with resolver groups, third party or with designated customer contacts.
• Liaise between cross functional teams and assist in formulating security incident response report
• Advocate protection and mitigation strategies to be implemented from lessons learnt exercises.

Soft skills

• Shall have good verbal/written communication skills.
• Should be willing to work in 24x7 environments.
• Incumbent should carry continual system improvement mindset and able to demonstrate in work.
• Strong leadership skills and the ability to provide mentorship and guidance to junior team members.
• Strong presentation skills and interface between customer and operations team.

Preferred tools:

• CrowdStrike, Proofpoint, WAF(Cloudflare), Fortinet, Zscaler, Snare
• Understanding for Fine Tuning of Alerts
• Ability to notify/escalate TP Malicious Alerts in a timely manner.
• Ability to learn & adapt to new technologies & build SOPs/Playbooks