
Network SOC L2 Analyst - SIEM|Gurgaon|4+Years

  • Overture Rede
  • India, G...
  • 4 - 5 Yrs
  • 12.0 - 14.0 LPA

Job Description

  • We are seeking a highly skilled and motivated Network SOC L2 Analyst to join our Security Operations Center (SOC) team.
  • In this role, you will help defend the organization against cyber threats by monitoring network activity, investigating security incidents, and implementing security best practices.

Qualifications:

  • Minimum 4-5 years of experience in cybersecurity operations, ideally within a 24/7 Telecom/IT SOC environment.
  • Hands-on experience in incident response and investigation within a large telecom or enterprise IT environment.
  • Bachelor's degree in Computer Science, Information Technology, Electronics and Communication Engineering (ECE), or equivalent work experience.
  • Security certifications (CEH, CCNA, CompTIA Security+) and hands-on experience with SIEM (ELK/Splunk) and EDR (CrowdStrike) solutions are highly desirable.

Job Responsibilities

Security Information and Event Management (SIEM):

  • Manage and operate SIEM systems (Splunk, ELK) for real-time security event monitoring and analysis.
  • Create, refine, and maintain SIEM correlation rules to identify potential security incidents.
  • Conduct threat hunting activities to proactively identify and mitigate potential security risks.

Endpoint Detection and Response (EDR):

  • Manage and utilize EDR solutions (CrowdStrike) for endpoint threat detection, investigation, and response.
  • Analyze EDR alerts to identify suspicious activity and potential malware infections.
  • Remediate endpoint threats according to established procedures.

ServiceNow/Remedy and SOAR Tools:

  • Utilize ticketing systems (ServiceNow/Remedy) to document, track, and manage security incidents.
  • Work with SOAR tools to automate incident response workflows and improve efficiency.

Storage Management:

  • Manage Network Attached Storage (NAS) devices for secure storage of security data.

Cloud Security:

  • Possess a strong understanding of cloud security principles and best practices (Azure/AWS).

Cybersecurity Expertise:

  • Demonstrate a deep understanding of cyberattacks and of attacker tactics, techniques, and procedures (TTPs).
  • Analyze event logs and conduct network forensic investigations using tools such as Wireshark, tcpdump, and Nmap.

Location

Gurgaon, Haryana, India