Dice is the leading career destination for tech experts at every stage of their careers. Our client, Feuji Inc, is seeking the following. Apply via Dice today!
- Good knowledge of SIEM and XDR analysis and incident response.
- Splunk SIEM (experience with multiple SIEMs is good to have).
- Good understanding of attacks and their patterns, including indicators of attack (IOA).
- Good understanding of security device logs and their analysis.
- Good communication skills.
- Good analytical skills, with the capability to perform detailed analysis of security events and incidents.
- Real-time threat monitoring and response activities to enable delivery of complete security incident and event management services across a wide range of on-premises and cloud security services.
- Applying analytical, reasoning, and specialized technical expertise to investigate, identify, correlate and escalate security incidents and network anomalies, and to carry out proactive and reactive reporting activities.
- Investigate incidents to determine the root cause and follow up with the respective teams to ensure incident closure with evidence.
- Gather security intelligence such as new vulnerabilities and threats
- Adhere to Information Security policies, standards, and processes.
- Prepare daily, weekly, and monthly reports and submit them to the SOC manager
- Deliver basic technical tasks assigned as per the timelines and escalate to the next level wherever needed
- Maintain the activity log, SLA details and other critical information necessary for the smooth execution of the project
- Resolve all technical issues / queries which are assigned
- Partner with other cross-functional/customer teams to provide effective resolution
- Monitoring and analysis of cyber security events using security technologies such as SIEM, NGFW, UEBA, NGAV, mail security, DLP and ADC
- Execution of SOC procedures
- Triage security events and incidents, detect anomalies, report/notify remediation actions to the responsible team, and ensure proper tracking until closure
- Ensure completeness of the incident/alert information along with correct incident analysis
- Analysis of phishing emails reported by internal end users
- Escalation of incidents to the L2 SOC team, when relevant
- Follow up on remediation activities of resolver groups
- Triage on general information security tickets
- Regular notifications and periodic reporting on operational activities.