Job Description

:
L3 SOC Analyst
Experience : 7 plus years
Location : Hyderabad/Trivandrum/Kochi/Bangalore/Chennai
Company: CyberProof, A UST Company
CyberProof is seeking a SOC L3 Engineer who will be part of our growing Global Operations & Delivery team, which monitors, investigates, and resolves security incidents, violations, and suspicious activities. Our global Operations group takes innovative approaches and uses the most cutting-edge technologies to transform the operations of our customers and secure the security landscape.
Main Responsibilities :
Act as an escalation point for high and critical severity security incidents, and conduct thorough investigations to determine potential impact and understand extend of compromise
Analyse attack patterns, Tools, Techniques and Procedures (TTPs) to identify methods of attacks and attack life cycle
Provide recommendations on issue resolution activities such as security controls policy configuration changes and security hygiene improvement
Provide guidance on mitigating risks associated with security vulnerabilities
Hunt for Indicators of Compromise (IOCs) and signs of Advanced Persistent Threats (APTs) within the Client's environment
Conduct threat hunting by means of in-depth log analysis to identify potential threats that may have evaded automated detection
Conduct analysis to gather evidence, validate root cause and analyse extend of compromise leveraging Client's security toolset
Identify gaps and weaknesses in existing security processes and propose enhancements to improve Client's established incident response methodologies
Collaborate with cross-functional teams, to ensure end to end management of security incident lifecycle
Document and update incident response processes, define outcomes for future references and drive continuous improvement
Participate in regular team meetings, Incident Response war room discussions and executive briefing sessions.
Requirements :
Minimum 2+ years of experience as a SOC L3 Analyst working as part of a Global SOC team Resolve, escalate, report, and raise recommendations for resolving and remediating security incidents.
Be an escalation point for investigations of clients and suggest optimization activities to improve their performance.
Proactively monitor and review threats and suspicious events from customers participating in the service.
Handle the advanced monitoring of system logs, SIEM tools, and network traffic for unusual or suspicious activity.
Set up SIEM solutions and troubleshoot connectivity issues.
Investigate and resolve security violations by providing post-mortem analysis to illuminate issues and possible solutions.
Collate security incident and event data to produce monthly exception and management reports.
Report unresolved network security exposure, misuse of resources, or noncompliance situations using defined escalation processes.
Assist and train team members in the use of security tools, the preparation of security reports, and the resolution of security issues.
Develop and maintain documentation for security systems and procedures.
Experience in handling Linux servers, familiar with Linux OS and commands
Requirements Maintain excellent customer satisfaction through professional, proactive and personal service.
Experience with SIEM vendors such as QRadar, ArcSight, RSA, and LogRhythm Experience in incident response, and in writing procedures runbooks and playbooks
Ability to work with customer's IT and security teams
About Company:
UST is a global digital transformation solutions provider. For more than 20 years, UST has worked side by side with the world's best companies to make a real impact through transformation. Powered by technology, inspired by people and led by purpose, UST partners with their clients from design to operation. With deep domain expertise and a future-proof philosophy, UST embeds innovation and agility into their clients' organizations. With over 30,000 employees in 30 countries, UST builds for boundless impact--touching billions of lives in the process.