The Senior Threat Intelligence Analyst (L3) works closely with the SOC team and is responsible for incident detection, triage, analysis and response. Strong experience in Threat Hunting and Threat Intelligence is required. Responsibilities include:

- Proactively lead and support the incident response team during an incident.
- Hands-on experience with the implementation, configuration and management of SIEM tools (QRadar, Splunk or similar), including log source integration, building custom parsers, and fine-tuning and optimizing correlation rules and use cases, is a must.
- Proven experience with Security Information and Event Management (SIEM) tools such as QRadar and Azure Sentinel.
- Good experience working with an EDR solution such as MS Defender.
- Develop into the company expert on tracking the most advanced threat groups we encounter.
- Provide threat context and integration support for multiple Threat Intelligence sources.
- Maintain expert knowledge of advanced persistent threat tools, techniques, and procedures (TTPs), as well as forensics and incident response practices.
- Analyze technical data to extract attacker TTPs, identify unique attributes of malware, map attacker infrastructure, and pivot to related threat data.
- Identify and hunt for emerging threat activity across all internal and external sources.
- Establish standards, taxonomy, and processes for threat modeling and integration.
- Perform threat research and analysis during high-severity cyber-attacks impacting the customer; identify quick defensive measures until a permanent resolution is in place.
- Recognize successful intrusions and compromises through review and analysis of relevant event detail information.
- Review incidents escalated by Level 2 analysts; launch and track investigations to resolution.
- Recognize attacks based on their signatures and differentiate false positives from true intrusion attempts.
- Actively investigate the latest security vulnerabilities, advisories, incidents, and penetration techniques, and notify end users when appropriate.
- Identify gaps in the security environment and suggest how to close them.
- Drive and support Change Management.
- Perform and review tasks as identified in a daily task list.
- Report generation and trend analysis.
- Front the governance meeting with the customer and walk through the security status.
Job Requirements: SIEM Azure Sentinel, Security Operations, SOC Operations Roster
Job Type
Full Time
Location
BANGALORE