Hello everyone,

We are hiring a SOC Analyst for one of our top clients for a remote position. The details are below; please go over them and, if you qualify, apply.

Title - SOC Analyst
Duration - 12 Months
Location - Remote

Required Qualifications:
3 - 5 years of Security Incident Response, Security Operations Center, and/or threat analysis experience.
CompTIA Security + certification
Experience with one or more SIEMs: ESM, Splunk, QRadar, ArcSight, etc.
Able to use the internet to do research on events of interest.
Familiar with the cyber kill chain.
Working knowledge of cybersecurity and privacy principles.
Working knowledge of cyber threats and vulnerabilities.
Working knowledge of Intrusion Response in the form of day-to-day network traffic analysis and threat assessment/impact analysis.
Familiarity with encryption algorithms, cryptography, and cryptographic key management concepts.
Knowledge of host/network access control mechanisms (e.g., access control list, capabilities list)
Knowledge of vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins).
Knowledge of incident response and handling methodologies.
Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption).
Knowledge of TCP/IP - addressing, routing protocols, transport protocols (UDP and TCP), Dynamic Host Configuration Protocol (DHCP), Domain Name System (DNS), and directory services.
Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).
Knowledge of escalation, incident management and change management processes and procedures of the SOC.
Possess good communication and interpersonal skills.
Ability to interpret the information collected by network tools (e.g., nslookup, ping, and traceroute).
Knowledge of cyber-attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
Familiarity with network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
Proficient in performance of packet-level analysis using appropriate tools (e.g., Wireshark, tcpdump).
Document and escalate incidents (including the event's history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment.
Receive and analyze security alerts from various sources within the enterprise and determine possible causes of such alerts.
Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents from benign activities.
Conduct research, analysis, and correlation across a wide variety of all-source data sets (indications and warnings).
Assist in the construction of signatures which can be implemented on cyber defense network tools in response to new or observed threats within the network environment or enclave.
Day To Day

Tier 2 Security Operations Center (SOC) Analysts have experience using SIEM technologies to support in-depth investigations and threat hunting activities. Experience with Enterprise Security Manager (ESM), Splunk, or another SIEM technology is required. An understanding of ticket workflow and handling is also required. The Tier 2 Analyst supports the Tier 1 SOC Analysts, which may include helping work Tier 1 tickets and/or providing training to Tier 1 Analysts. Tier 2 SOC Analysts are also responsible for researching, responding to, and creating tickets within the ticketing system. Tier 2 Analysts are responsible for:
Determining service impact of security events.
Alerting customers to possible malicious activity.
Working tickets via ticketing system.
Creating tickets for various needs of the SOC.
Research and data collection of events of interest.
Thank you,
Kanchan Sharma