SOC Analyst

Responsibilities:

• Develop Deployment plan MS Sentinel Administration Collect and analyze security logs from Azure.
• Deployment and Administration of Microsoft Defender portal and Purview alerts and events.
• Develop detection use cases rules, Investigate alerts, perform deep analysis, and coordinate remediation.
• Developing incident response plans and working with team to contain identified threats.
• Proactively search for threats using advanced security queries.
• Develop, automate, and orchestrate tasks(playbooks) with logic apps based on certain events
• Build automated workflows/playbooks for incident response.
• Fine-tune Azure Sentinel settings and integrate with security tools.
• Generate reports on security incidents and threat trends.
• Analyze digital forensics artifacts on Windows operating systems.
• Expertise with tools such as Wireshark, Redline, IOC editor, Sysmon & Volatility
• monitoring and handling Endpoint Detection and Response (EDR) and Incident Detection and Response (IDR) alerts and events.
• In-depth knowledge of OWASP Top 10 and OWASP API Top 10 security concepts along with common application security risks.
• Ensure Incident Identification, assessment, quantification, reporting, communication, mitigation and monitoring.

Qualifications:

• Bachelor's degree in computer science or information security.
• 1-2 years of experience with operational security, including security operations center, incident response, SOAR and SIEM platform
• Familiarity with security frameworks (HIPAA, NIST CSF, NIST 800-53, CIS)
• Network security & communication protocols (ICMP, TCP/IP, HTTP, SNMP)
• Experience in creating use cases under Cyber kill chain and Mitre attack framework.
• Scripting knowledge (Python, Bash, PowerShell)

Certifications

• eCDFP
• CSA
• eCTHP
• Microsoft Azure Security Engineer Associate

Seniority level

• Entry level

Employment type

• Full-time

Job function

• Information Technology

Industries

• IT Services and IT Consulting