Security Operations Center (SOC) – L3/Tier 3 – Threat Hunter

Must-have skills: IBM QRadar Administration/L3, SOAR hands-on, Log Analysis, Threat Hunting, Incident Response, Troubleshooting, Certifications/Trainings, Blue teaming
Experience: 7–12 yrs
24/7 Operations
Location: Gurgaon
Notice period: Immediate to 60 days

JD:

Role and responsibilities:
• Participate in a rotating SOC on-call; rotation is based on the number of team members.
• Provide first-line SOC support with timely triage, routing and analysis of SOC tasks.
• Research, develop, and monitor custom visualizations.
• Research, analyze, and write documents such as cybersecurity briefings for all levels of stakeholders, from Tier 1-3 SOC and security engineering to executives.
• Tune and develop SIEM correlation logic for threat detection.
• Ensure documentation is accurate and complete, meets editorial and government specifications, and adheres to standards for quality, graphics, coverage, format, and style.
• Develop scripts using Python to automate IR functions, including (but not limited to) IOC ingestion and SIEM integration via REST APIs, to minimize repetition of duties and automate tasks.
• Produce and review aggregated performance metrics.
• Perform Cyber Threat Assessment and Remediation Analysis.
• Process, organize, and analyze incident indicators retrieved from the client environment and correlate those indicators with various intelligence data.
• Assist in coordination with internal teams and in the creation of engagement deliverables for a multitude of activities, including but not limited to Insider Threats, Rules of Engagement (ROE), Threat Hunting, After Action Reports, and other artifacts to support testing, monitoring and protecting the enterprise.
• Investigate network and host detection and monitoring systems to advise engagement processes.
• Develop and execute bash and Python scripts to process discrete log files and extract specific incident indicators; develop tools to aid in Tier 1 and Tier 2 functions.
• Participate in on-call rotation for after-hours security and/or engineering issues.
• Participate in increasing the effectiveness and efficiency of the SOC, through improvements to each function as well as coordination and communication between support and business functions.
• Think critically and creatively while analyzing security events, network traffic, and logs to engineer new detection methods.
• Work directly with Security and SOC leadership on cyber threat intelligence reports to convert intelligence into useful detection.
• Collaborate with the incident response team to rapidly build detection rules as needed.
• Support 24x7x365 SOC operations, including but not limited to: alert and notification activities (analysis/triage/response); review and action on Threat Intel for IOCs and other operationally impactful information; initial review and triage of reported incidents.
• Perform analysis across all security tools, uncovering attack vectors involving a variety of malware, data exposure, and phishing and social engineering methods.
• Monitor/triage security events received through alerts from the SIEM or other security tools; escalate to and support IR as appropriate.
• IDS monitoring and analysis: analyze network traffic and logs, prioritize and differentiate between potential intrusion attempts and false alarms; review and report on anomalous patterns (hunting) across all security tools / SIEM.
• Develop an in-depth understanding of customer and SOC operations requirements and policies.
• Ensure reports are properly entered into the tracking system.
• Perform customer security assessments.
• Support incident response or remediation as needed.
• Participate in, develop, and run tabletop exercises.
• Perform lessons-learned activities.
• Support ad-hoc data and investigation requests.
• Compose reports, updates, security alert notifications or other artifacts and documents as needed.

Required Experience:
Minimum of nine (9) years technical experience
• 7+ years of experience in SOC, security operations, cyber technical analysis, threat hunting, and threat attribution assessment with increasing responsibilities.
• 3+ years of rule development and tuning experience.
• 1+ years of incident response.