5 years of experience as an Incident Analyst in cyber security projects and experience with SOC tools (EDR, SOAR, SIEM)
Job Description
The Network and Technology Services team is looking for an Incident Responder to support the cyber security team for EDR, SOAR projects.
We are currently seeking an Incident Analyst/Responder who can work on various incidents using owned tools and achieve the desired results.
Primary Responsibilities:
- Work as an Incident Analyst using cyber security SOC tools, following Security Operations processes and incident response strategy, to support multiple projects
- Provide Security solutions for XSOAR, EDR projects as required
- Define and implement a Threat Hunting and Intelligence framework for the SOC team to detect various types of incidents
- Define playbooks for various scenarios defined by the Architect and BSA
- Perform gap analysis and maturity assessment to align Security strategy and controls
- Provide forensic investigation to improve Incident Life Cycle management, from preparation to post-event activity
- Help generate daily/monthly reports on various types of incidents, which can help management understand the cause and help mitigate the same issue later
- Work with vendor team to identify the cause and mitigate the incident
- Manage relationships with other business units/stakeholders; Work closely with colleagues and other business stakeholders to deliver various projects.
Requirements:
- 5 years of experience as an Incident Analyst in cyber security projects and experience with SOC tools (EDR, SOAR, SIEM)
- Proficient in using Confluence, Excel, and PowerPoint
- Knowledge of threat hunting and developing use cases
- Knowledge of SSO and AD Authentication
- Risk analysis and providing solutions
- Follow SDLC and Agile methodologies as per need
- Strong organizational, writing, interpersonal and communication skills
- Self-starter who can set own priorities and can work independently and collaboratively
- Detail-oriented, with a proactive work style and the ability to manage several priorities concurrently
- Bachelor’s degree in Computer Science or equivalent experience relevant to cyber security, Information and Network Management.