Full Job Description
The primary function of the Security Analyst is to analyze any incidents escalated by the Level 1 Security Engineer and undertake a detailed investigation of the security event. The Security Analyst shall determine whether the security event will be classified as an incident. They will coordinate with the customer's IT and security teams for the resolution of the security incident.
Roles and Responsibilities:
Escalate validated and confirmed incidents to the designated incident response team.
Notify the Client of the incident and required mitigation works.
Fine-tune SIEM rules to reduce false positives and remove false negatives.
Collect global threat intelligence and internal threat data, then initiate actions based on the resulting analysis and recommendations.
Proactively research and monitor security information to identify potential threats that may impact the organization.
Develop and distribute information and alerts on required corrective actions to the organization.
Learn new attack patterns, and actively participate in security forums.
Work closely with Vulnerability Management and designated incident response team.
Understand the structure and the meaning of logs from different log sources such as firewalls, IDS, Windows domain controllers, Cisco appliances, AV and antimalware software, email security, etc.
Understand the subject matter of SIEM alarms.
Perform ad-hoc training for L1 analysts.
Perform threat intel research.
Run and interpret sandbox static analysis.
Open and update incidents in ITSM to report the alarms triggered or threats detected.
The analyst should properly include for each incident all details related to the logs, alarms, and other indicators identified, in accordance with the intervention protocol of each client and the SLA.
Track and update incidents and requests based on the client's updates and analysis results.
Skills and Qualifications:
Knowledge and hands-on experience in the implementation and management of IDS/IPS, firewall, VPN, and other security products.
Experience with Security Information and Event Management (SIEM) tools, including creating advanced correlation rules, SIEM administration, system hardening, and vulnerability assessments.
Should have expertise in TCP/IP network traffic and event log analysis.
Knowledge and hands-on experience with SIEM tools such as LogRhythm, QRadar, ArcSight, or Splunk.
Knowledge of ITIL disciplines such as Incident, Problem, and Change Management.
Configuration and troubleshooting experience on Check Point, Cisco, FortiGate, Palo Alto, and SonicWall firewalls would be an added advantage.
Job Features
Job Category Cyber Security