SOC L2

• As a Senior Security Analyst (Tier 2) you will be responsible for monitoring in-house and client security alerts/incidents while working in shifts.
• Primary responsibilities include participating in various incident investigations, creating new detection methodologies and providing expert support to alerting, incident response and monitoring functions.
• Day to day operations involves dealing with SIEM Monitoring, reporting and security incident handling

• Experienced with data analysis, centralized logging (Splunk. QRadar, ELK, Kafka, rsyslog, etc.);
• Scripting and development skills (BASH, Perl, Python or Java) with strong knowledge of regular expressions.
• Cloud Security, SANS Trainings and GIAC Certifications preferred.
• Offensive Security Certifications like OSCP, OSCE etc.
• Vendor certifications like SPLUNK, ELK Stack, Big Data frameworks preferred
• Capability to develop use cases or additional detection capabilities based on the SIEM query language, understanding of incident response.
• Skill to analyze large data sets and unstructured data, manually or using tools to identify trends and anomalies indicative of malicious activity.
• Linux incident handling skill would be preferred
• Knowledge of current security threats, techniques and landscape, and dedicated desire to research current information security landscape.
• Experience in analyzing networking protocols, firewalls, host and network IPS, Linux, virtualization containers technologies, databases, web servers.
• Splunk certifications and experience preferred.

ValueMentor