Essential Functions of the Job:
- Operate as second level support to a 24x7 managed security operations centre
- Alert clients regarding intrusions and potential intrusions that may compromise their network infrastructure.
- Maintain an inventory of the procedures used by the SOC and regularly evaluate the SOC procedures and add, remove, and update the procedures as appropriate
- Takes a proactive role in the resolution of incidents, even after they are escalated
- Work on assigned ticket queue
- Understanding and exceeding expectations on all tasked SLA commitments
- Track and report on closure of tickets as per SLAs
- Escalating issues to Level 2 or Level 3 and management when necessary
- Providing daily and weekly reports on security and vulnerability incidents
- Working in shift teams
Analytical/Decision Making Responsibilities:
- Actively investigates the latest security vulnerabilities, advisories, incidents, and penetration techniques and notifies clients when appropriate
- Recognizes successful intrusions and compromises through review and analysis of relevant event detail information
- Assist in incident determination, ticketing and incident response, prevention and remediation
Knowledge and Skills Requirements:
- Excellent teamwork, passion and drive to succeed and combat cyber threats
- Knowledge of SIEM technologies and platforms such as Splunk, ELK, QRadar or others
- Threat Intelligence / feeds platform integration in SOCs
- Thorough knowledge of how the systems support Security Monitoring for the Analysts
- Cyber Incident Response
- In-depth Desktop OS and Server OS knowledge
- Strong analytical and problem-solving skills
- Network monitoring technology platforms such as Fidelis XPS, RSA or others
- Endpoint protection tools, techniques and platforms such as CarbonBlack, Symantec, McAfee or others
- Internationally recognized technical certifications in relevant areas
- Hands-on experience with TCP/IP, security concepts, WAN and LAN concepts, Routing Protocols, Firewall Security policies
Supervision Responsibilities:
- Coordinate escalations and collaborate with internal technology teams to ensure timely resolution of issues
Other Requirements:
- Should be willing to work in shifts (24/7)
Job Requirements:
Education:
- B.Tech./B.E. candidate with basic networking skills
Experience:
- At least 2-3 years of experience working in a SOC environment
Certification Requirements:
- CCNA
- CCSA, CEH, CCNA Security - Preferred
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.