SOC - AlienVault Openings in Bangalore at Mindtree
Role description:
Good experience in SOC / SIEM / Various Security Solutions.
Good experience working on the AlienVault USM Anywhere SIEM solution.
24x7 Active monitoring of Security events using SIEM (based on standard operating procedure).
Creates, configures and fine tunes correlations for SIEM software according to customer environment and requirements.
Reviews, analyzes, escalates and responds to security events triggered through the SIEM software according to internal security procedures of the customer.
Analyst would monitor network security events and take appropriate action based on security policy.
Creates, manages and runs reports and queries, and prepares dashboards using SIEM software for customers.
Documents procedures for other Analysts, and functions as a technical escalation for investigations.
Performs Incident Analysis.
Remains on the cutting edge of exploits and vulnerabilities and provides proactive feedback to customers as required.
Provides suggestions for improvement of tools and processes. Responsible for troubleshooting agent software issues.
Reviewing reports to ensure quality and accuracy is a part of the job for SOC analysts.
SOC analysts also perform analysis of log files. Includes forensic analysis of system resource access.
Knowledge of firewalls and intrusion detection systems is a plus for SOC analyst position.
Understanding of common network services (web, mail, FTP, etc.), network vulnerabilities, and network attack patterns is a must.
Strong analytical and problem solving skills are needed to perform the job of a SOC analyst.
Understand cyber-attack methods, perform analysis of security logs in an attempt to detect unauthorized behavior, and provide daily reports to the Manager.
Monitor alerts received from the monitoring systems and take appropriate action based on the defined processes.
Analyze network traffic patterns, system logs, and audit files for compliance with security policies.
Ability to communicate and listen effectively.
Hands-on experience and ability to do root cause analysis, Problem & Capacity Management.
Inclination towards emerging technologies.
Mandatory Skills: (Must have skills)
Good knowledge of AlienVault USM.
Understanding networking fundamentals: TCP/IP, ports, protocols, and infrastructure setup.
Strong understanding of OWASP top 10 and other Web application vulnerabilities.
Knowledge of the HTTP protocol (requests, responses, cookies, etc.).
Understand cyber-attack methods such as SQL injection, cross-site scripting (XSS) attacks, DDoS, buffer overflow, etc.
Sound understanding of Information Security concepts.
Exposure to commercial or open source security monitoring tools (IDS/IPS, firewall, database security, vulnerability management, etc.).
Understanding of regulatory compliance requirements (PCI, HIPAA, GLBA, SOX) is an asset.
Knowledge of any scripting language (Python, shell scripting, etc.) is an added advantage.
A team player with good communication skills.
Should be certified in any of the following: CEH, GCIA, GCIH, GWEB, GWAPT, CompTIA Security+
8 - 12 Years
If you think your profile fits the requirements, please mail the same to email@example.com to get referred.
Note: Gold Members will get priority in the referral opportunities, personal pitching of their profile by our team, ATS Resume Makeover, Cover Letter, ATS Score Check and a certified course for free.