Requisition Number: 95102 Cloud Engineer III-SOC Analyst
Total Experience: 5-8 years
- Experience in Cyber Intelligence, Cyber Threat Identification, and Incident Response
- Experience with malware concepts and malware analysis.
- Experience with computer intrusions, incident response forensics capture, and forensics analysis.
- Experience with cloud models, networks, hosting, and security of cloud assets.
- Experience with and understanding of the TCP/IP model, host operating systems (Windows), and network communication protocols.
- Experience with malware host indicators of compromise and network indicators of compromise.
- Preferred: experience with industry-leading open-source threat intelligence tools such as VirusTotal and Hybrid Analysis.
- Preferred: experience with IT networks and OT networks, their architectures, and the common concepts differentiating the two networks.
- Classification and Prioritization of security incidents and generation of tickets.
- Triage and prioritization of detected incidents.
- Root cause analysis of detected incidents
- Forensics and Root cause analysis of detected incidents.
- Conduct real-time and post-mortem remote incident analysis and remediation.
- Reporting related to Cyber Security Incidents (occurring incidents, common causes, most exposed systems, analytics, solved/unsolved tickets, etc.)
- Investigate enriched tickets and gather enough evidence to identify true positive abnormalities detected in the client's environments.
- Produce regular (weekly, monthly, and quarterly) SOC scorecard reports to demonstrate continuous improvement in the operation and to highlight any area that needs to be addressed by the client.
- Forensics + Malware Analysis.
- Incident Handling.
- Improve cybersecurity posture and prevent, detect, and respond to threats.
- Perform proactive security work, using the latest threat intelligence to stay current on threat groups and infrastructure and to identify and address system or process vulnerabilities.
- Use the data generated by the SIEM and XDR solutions to identify threats. Filter out false positives from the real issues, then prioritize the threats by severity and potential impact to the business.
Insight is an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, sexual orientation or any other characteristic protected by law.
Insight India Location: Level 16, Tower B, Building No 14, Dlf Cyber City In It/Ites Sez, Sector 24 & 25 A Gurugram Gurgaon Hr 122002 India
Job Segment: Cyber Security, Open Source, Consulting, Cloud, Engineer, Security, Technology, Engineering