Your Role and Responsibilities As SIEM Analyst, you will be responsible for handling the daily monitoring of Information security events on the SIEM tools. These Senior Specialists are QRadar SMEs that are responsible for event analysis & threat responses. They would also be performing investigation of events escalated from monitoring (Level-1 & 2) team, along with hygiene & availability of enterprise SOC platform.
Responsibilities:
Cyber Security Threat Hunter should have knowledge regarding advanced persistent threats (APT), cybercriminal groups, and hacktivist operations.
Candidate should have knowledge and experience working with the Cyber Kill Chain Model, Diamond Model or MITER ATT&CK Matrix.
The ability to track APT groups motives, analyse current security controls data logs and brief reporting for new ongoing cyber threat operations.
Candidate must also understand security vulnerabilities and malicious actor tactics, techniques, and procedures (TTPs) to assess known and emerging cyber threats and better evaluate the effectiveness of layered defenses and toprovide strategic recommendations on new technical and non-technical protections.
Successful shortlisted candidate will be working with our Threat Intelligence team to develop IOCs for specific cyber threat actors or groups and to understand their tactics, techniques and procedures.
Required Technical and Professional Expertise
Overall, 4 years of experience with 3+ of relevant experience.
B.E./ B.Tech/ MCA/ M.Sc. in Computer Science or IT
Proven expertise in handling incident, threat response, incident co-ordination, threat mitigation, recovery support
Security Consulting and policy tuning with Situational & environment awareness of business & Incident response.
Proficient in monitoring security events from various SOC channels (SIEM, Tickets, Email and Phone), based on the security event severity to handle the service support teams, tier2 information security specialists.
Expertise in threat modelling and Use case development and ability to review policies of security monitoring tools based on security concepts and logical approach.
Work in a 24×7 Security Operation Centre (SOC) environment