IBM SOC Analyst L2 

India, Haryana, Gurugram District 

430156671

What you’ll do:
Primary Responsibility:

• Working experience of 3.5+ Years
• SOC Analyst (L2) would work closely with the SOC team and be responsible for incident detection, triage, analysis, and response.
• Proactively lead and support the incident response team during an incident.
• Proven Experience on any of the Security information and event management (SIEM) tools like (Qradar (preferred), MS sentinel)
• Basic Experience of structured and unstructured threat hunting using SIEM and other threat hunting tools
• Basic understanding of SOAR using IBM Resilient or equivalent
• Identify quick defence techniques till permanent resolution.
• Recognize successful intrusions and compromises through review and analysis of relevant event detail information.
• Review incidents escalated by Level 1 analysts.
• Launch and track investigations to resolution. Recognize attacks based on their signatures, differentiates false positives from true intrusion attempts.
• Actively investigates the latest in security vulnerabilities, advisories, incidents, and penetration techniques and notifies end users when appropriate.
• Identify the gaps in security environment & suggest the gap closure
• Identify and recommend the false positives or alerts required fine-tuning to enhance the SOC operations efficiency
• Performs and reviews tasks as identified in a daily task list.
• Report Generation and Trend Analysis.
• Good to have hands on experience with managing SIEM solutions on public/private clouds like Amazon AWS, Microsoft Azure, etc.
• Willing to work in 24×7 rotational shift model including night shift.

KRA:

• Identify & investigate the security incidents
• Identify the security gaps and drive for closure through Change Mgmt
• Monitor the security logs /alerts from various devices and escalate/investigate the incident
• To explore different security technologies available in the market
• Maintain security dashboards
• Coordination with internal customers for their security-related problems and providing recommendations.
• Create and manage the SOPs, runbooks and Asset inventory with risk classification
• Handle L2 and above level technical escalations from L1 Operations team and resolve within SLA.
• Work closely with L1 team members to provide quick support & escalation.
• Train other analysts in their role and responsibilities

How we’ll help you grow:
You’ll have access to all the technical and management training courses you need to become the expert you want to be.
Our team leads love to mentor in case of technical difficulty.
You have the opportunity to work in many different areas to figure out what really excites you

Required Technical and Professional Expertise

• Hands-on experience required in Qradar SIEM and SOAR.
• Desired experience in Threat hunting, Threat intelligence.
• Worked on tools belongs to Qradar, UEBA, UAX.
• Must have desire to learn or cross skill with new technologies.
• Must be able to work in morning, evening, and night shifts (24*7) – Mandatory.
• Bachelor’s degree in engineering/information security, or a related field.
• Relevant certifications such as CEH, CISSP, CISM, CompTIA CASP+, or equivalent.
• Proven experience to work in a SOC environment.
• Deep technical knowledge of security technologies and advanced threat landscapes.
• Proven experience in managing and responding to complex security incidents.
• Strong analytical and problem-solving skills.
• Excellent communication and collaboration abilities.
• Ability to work in a fast-paced, dynamic environment.

Preferred Technical and Professional Expertise