Security Operations Center Analyst

Position Overview :

We are seeking an experienced SOC (Security Operations Center) Analyst to join our cybersecurity team. The ideal candidate will have at least three years of hands-on experience in security operations, with expertise in using CrowdStrike and Sumo Logic. As a SOC Analyst, you will be responsible for monitoring, detecting, analyzing, and responding to security threats and incidents across our enterprise. You will play a key role in safeguarding our organization's assets, ensuring our systems remain secure and resilient against cyber threats.

Key Responsibilities :

• Incident Detection and Analysis : Monitor security events and alerts using various security tools and technologies. Analyze and investigate potential security incidents to determine their nature, scope, and impact. Will act as primary escalation point within the team.
• Incident Response : Execute predefined incident response procedures to contain and mitigate security breaches. Coordinate with relevant stakeholders to ensure swift resolution of incidents and minimize downtime.
• Threat Hunting : Proactively search for signs of advanced threats within the network environment. Utilize threat intelligence sources and advanced analytics to identify and neutralize potential security risks. Assist in threat signature implementation and tuning.
• Detection Engineering : Develop and maintain detection rules, correlation, and algorithms to identify anomalous behavior and security threats across various data sources, including network traffic, logs, and endpoint telemetry. Conduct research on emerging threats, attack techniques, and security technologies to continuously improve detection capabilities and stay ahead of evolving threats.
• Security Tool Management : Manage and maintain security technologies such as SIEM (Security Information and Event Management), IDS / IPS (Intrusion Detection / Prevention Systems), endpoint security solutions such as SentinelOne and Crowdstrike, and other relevant tools such as vulnerability management tools. Fine-tune configurations to optimize detection capabilities.
• Documentation and Reporting : Document incident details, analysis findings, and remediation actions taken for reference and reporting purposes. Prepare comprehensive incident reports and contribute to ongoing security status updates. Lead in the development of playbooks for operational responses to security and cyber threats. Will report findings to customer as required.
• Collaboration and Knowledge Sharing : Work closely with analysts, SOC leadership, and other cybersecurity teams to share insights, best practices, and lessons learned. Participate in knowledge transfer sessions and training programs to enhance team capabilities.
• Continuous Improvement : Identify opportunities for process improvements, automation, and optimization within the SOC environment. Contribute to the development and implementation of new security policies, procedures, customer runbooks and controls. Participate in continuous training and improvement of internal teams.
• Shift Lead : Act as Shift Lead and first point of escalation for SOC Analysts and customers. Ensure incident identification, assessment, quantification, reporting, communication, mitigation, and monitoring. Ensures standards and procedures for alerts are addressed with relevancy, accuracy and in a timely manner. Lead shift hand off meetings.

Required Experience :

Preferred Qualifications :