Network SOC L2 Analyst - SIEM|Gurgaon|4+Yrs

  • Overture Rede
  • India, G...
  • 4 - 5 Yrs

Job Closed

Job Description

  • We are seeking a highly skilled and motivated Network SOC L2 Analyst to join our Security Operations Center (SOC) team. In this role, you will play a critical part in defending our organization against cyber threats by monitoring network activity, investigating security incidents, and implementing security best practices.
  • Minimum 4-5 years of experience in cybersecurity operations, ideally within a 24/7 Telecom/IT SOC environment.
  • Hands-on experience in incident response and investigation within a large telecom or enterprise IT environment.
  • Bachelor's degree in Computer Science, Information Technology, Electronics and Communication Engineering (ECE), or equivalent work experience.
  • Security certifications (CEH, CCNA, CompTIA Security+) and experience with SIEM and EDR solutions (ELK/Splunk/CrowdStrike) are highly desirable.

Job Responsibilities

Security Information and Event Management (SIEM):
  • Manage and operate SIEM systems (Splunk, ELK) for real-time security event monitoring and analysis.
  • Create, refine, and maintain SIEM correlation rules to identify potential security incidents.
  • Conduct threat hunting activities to proactively identify and mitigate potential security risks.

Endpoint Detection and Response (EDR):
  • Manage and utilize EDR solutions (CrowdStrike) for endpoint threat detection, investigation, and response.
  • Analyze EDR alerts to identify suspicious activity and potential malware infections.
  • Remediate endpoint threats according to established procedures.

ServiceNow/Remedy and SOAR tools:
  • Utilize ticketing systems (ServiceNow/Remedy) to document, track, and manage security incidents.
  • Work with SOAR tools to automate incident response workflows and improve efficiency.

Storage Management:
  • Manage Network Attached Storage (NAS) devices for secure storage of security data.

Cloud Security:
  • Possess a strong understanding of cloud security principles and best practices (Azure/AWS).

Cybersecurity Expertise:
  • Demonstrate a deep understanding of attacker tactics, techniques, and procedures (TTPs) across a range of cyberattacks.
  • Analyze event logs and conduct forensic investigations using tools such as Wireshark, Nmap, and tcpdump.

Technical Skills:
  • Possess a thorough understanding of diverse telecommunications and infrastructure technologies (5G, 4G, fixed line).
  • Proficient with Windows, Unix, and various security tools (NGFW, IDS/IPS, AV/EDR, proxy).
  • Familiar with the SOC operation process, the incident lifecycle, and the NIST Cybersecurity Framework.

Threat Intelligence:
  • Stay informed about current attacker trends, threat actor tools, and Indicators of Compromise (IOCs).
  • Integrate threat intelligence feeds into the SIEM to enhance threat detection capabilities.

Incident Management and Response:
  • Contribute to the overall security incident management process, including threat hunting, vulnerability management, endpoint detection and response, and security event monitoring.
  • Investigate security incidents, conduct root cause analysis, and implement appropriate remediation actions.
  • Own and manage security incident tickets, ensuring timely resolution and closure.

Reporting and Analysis:
  • Generate reports for weekly/monthly dashboards, audit purposes, KPIs, and root cause analysis (RCA) of critical incidents.

Process Management:
  • Create and manage trouble tickets (TTs) within established ticketing systems.
  • Correlate incidents or problems and assist L3 analysts in investigations.
  • Recommend improvements to detection use cases (UCs) for an enhanced security posture.

Threat Awareness and Communication:
  • Stay updated on threat advisories and share relevant information with the team.
  • Enrich the SIEM with new IOCs based on threat intelligence updates.

Technical Support:
  • Provide technical security support to various teams during incident response and remediation activities.

Documentation and Procedures:
  • Document and update playbooks and other operational procedures to ensure clarity and consistency.

Soft Skills:
  • Excellent communication and technical writing skills for conveying complex technical information to diverse audiences.
  • Action-oriented and results-driven, with strong time management skills.
  • Flexible and reliable, with excellent problem-solving and analytical skills.
  • Thrives in a team environment and demonstrates excellent interpersonal skills.

Location

Gurgaon, Haryana, India