Roles and Responsibilities:
- Monitor client events for malicious traffic
- Monitor alerts triggered for the client
- Escalate alerts and malicious traffic to the SOC analyst or shift lead for review
- Update IDS/IPS signatures for managed customers
- Follow up with the SOC analyst on open tickets
- Follow up with vendors on open issues
- Perform the tasks identified in the daily task list
- Administer SIEM tools, including patching and disaster recovery (DR)
Key Skills
Essential Skills:
- Knowledge of and hands-on experience managing IDS/IPS, firewalls, VPNs and other security products
- Experience with Security Information and Event Management (SIEM) tools, including SIEM administration and the creation of basic correlation rules
- Expertise in TCP/IP network traffic analysis and event log analysis
- Knowledge of and hands-on experience with any SIEM tool
- Knowledge of ITIL disciplines such as Incident, Problem and Change Management
Additional Desired Skills:
- Strong interpersonal and presentation skills
- Ability to work with minimal levels of supervision or oversight
- Adherence to security policies
Desired Candidate Profile:
- Bachelor's degree in Computer Science, IT or Electronics Engineering, an M.C.A., or an equivalent university degree
- Minimum of 1 year of experience in the IT security industry, preferably in a SOC/NOC environment
- Certifications: CCNA, CCSP, CEH