SOC Analyst - L1

As a Security Operation Engineer - Tier 1, you will leverage your technical expertise for our Managed Extended Detection and Response (M-XDR) capabilities in some of the world’s most advanced and complex infrastructures. Your input will also help shape and increase client security posture, deliver client satisfaction, and continually improve upon the client’s existing service(s)
 

The Security Operation Engineer - Tier 1 is responsible for acting as a service representative and trusted advisor to the client, understanding their specific needs and pain points. This position includes security event analysis, threat assessment, security incident response strategy, and coordinating all cybersecurity-related investigations and incident response in partnership with the stakeholders within Cybalt and customer organization and 3rd Party Providers. 
 

Job Description:

• Security Operation Engineer - Tier 1 will be responsible for incident monitoring, analysis, content development, and use case creation.
• They will be responsible for content creation and fine-tuning based on the requirement.
• Give incident description and recommendation as per security best practices.
• Generate reports from SIEM tools daily/weekly/monthly and submit them to clients with analysis.
• Willing to work in 24/7 shift
• Coordinating with Support Team / Cross Domains to fix technical issues
• Responding to alerts from the various monitoring/detection systems and platforms within defined SLAs.
• Interact with users, drive security incidents end to end, and coordinate with different technology teams to resolve the incident.
• Analyze data and events within the SIEM or SOAR for prioritization and priority elevation

Requirements:

• Relevant experience of 1-3 years.
• Basic understanding of cybersecurity principles and general knowledge of cybersecurity technologies, as well as industry-recognized certifications
• Understanding possible attack activities such as network probing/ scanning, DDOS, malicious code activity, etc.
• General knowledge of the capabilities and/or configuration of cybersecurity controls, specifically those relating to firewalls, access control, authentication, anti-virus/anti-malware, patching, and logging
• Understanding of fundamental networking protocols such as TCP/IP, DNS, HTTP, DHCP, etc. 
• Demonstrate capability to make sound decisions based on good security practices and principles
• Demonstrate an understanding of business principles and operational security practices specific to engineering and/or security consulting
• Able to take ownership of tasks and see-through completion,
• Willingness to learn, absorb and correlate technical information and then be able to interpret and simplify it.
• Endpoint Protection (EDR/Crowdstrike)
• Health/status check of the server & reporting on endpoints
• Block connection to Malicious URL's, Vulnerability scanning & patching, Identify blacklisted/unsupported software usage on endpoints
• Monitoring network traffic for suspicious behavior.
• Creating network policies and authorization roles and defending against unauthorized access, modifications, and destruction.

#LI-AB1

#BlackBoxJobs