5+ years of experience as a SOC Analyst (Level 2 and Level 3)
L2/L3 level expertise in any SIEM (QRadar, ArcSight, LogRhythm, Splunk, Securonix, Azure Sentinel or other tools)
Clear understanding of SOC architecture and technologies
Knowledge of SOAR and ITSM
Clear understanding of the SOC incident response process and of managing customer incidents
In-depth knowledge of analysis and reporting of security incidents
Knowledge of network administration, firewall administration and endpoint protection platforms (products like Trend Micro, CrowdStrike, Palo Alto, Sophos, Microsoft, etc.)
Understanding of XDR/EDR and experience working with such tools
Experience integrating IT infrastructure devices with SIEM and SOC platforms
Understanding of SOAR playbooks and SOC automation
Hands-on experience in incident, change and problem management
In-depth analytical knowledge of incident and change management and SLA management
Good English-speaking skills
Excellent customer-handling skills
(Optional)
Good knowledge of privileged identity and access management
In-depth understanding of configuration and management of IT devices (network devices, network security devices, servers, desktops/laptops, security applications like AV, etc.)
Working knowledge of Active Directory and MS Exchange
Good understanding of ITIL processes
Cloud Security Management
Certifications
SIEM certification (mandatory)
Endpoint security platform products like Trend Micro, Sophos, CrowdStrike
Firewall administration
ITIL
Cisco networking
Microsoft (optional)
IT security certifications like CEH, CHFI, LPT, etc.
Process certifications like ISO 27001 LA / ISO 27001 CLIP