Job description

The job involves monitoring, analyzing, and escalating SIEM alerts, performing threat hunting, and enhancing SOC operations quality as a manager in the GSOC environment. Key skills required include proficiency in domain knowledge, threat hunting, SIEM tools, incident handling, Python scripting, and familiarity with various operating systems and windows Azure and AWS infrastructure.

Responsibility

• Actively monitoring, analyzing & escalating SIEM alerts.
• Provide inputs for content tuning & use case enablement.
• Perform threat hunting and phishing email analysis.
• Triage and assign Incident Handling, follow playbook instructions.
• Comprehend logs and perform quality assessment on SOC operations.
• Record deviations and perform follow-ups to mitigate process deviations.
• Identify process deviations, perform RCA, and generate recommendations.
• Contribute to overseeing quality assessment for multiple SOC verticals.
• Support as QA touchpoint in critical cyber incidents.
• Communicate and collaborate effectively with teams globally.

Qualifications

• BE/B.Tech/Post-Grad/Graduate or Postgraduate in any discipline.
• 2-4 years of relevant experience.
• Certification preferred: CSA, CISM, CCSP, Microsoft Azure Suite.
• SOC experience preferred.
• Proficiency in Microsoft productivity tools (Word, PowerPoint, Excel).
• Understanding of analytics concepts and ability to generate trends.
• Windows/Azure/AWS infrastructure knowledge is an advantage.
• Experience with Windows security tools like Defender and Sentinel.
• Excellent communication skills.