Security Operations Center Analyst

Job Title : SOC Analyst. Location : Mumbai. Timing : 8am 5pm. Experience : 4 Years. Job Description : - Configure and maintain the SIEM system, ensuring that it's properly set up to collect and analyze security event data. - Develop, customize, and manage security rules within the SIEM to detect and respond to security threats. - Monitor SIEM alerts, investigate them, and take appropriate actions based on the severity and nature of the alerts. - Oversee the collection, normalization, and storage of log data from various sources. - Develop and document incident response procedures, and lead or assist in incident response efforts when security incidents occur. - Analyze and investigate security events from various sources. - Manage security incidents through all incident response phases to closure. - Utilize SIEM, SOAR, UEBA, EDR, NBAD, PCAP, Vulnerability Scanning, and Malware analysis technologies for event detection and analysis. - Update tickets, write incident reports, and document actions to reduce false positives. - Develop knowledge of attack types and fine-tune detective capabilities. - Identify log sources and examine system logs to reconstruct event histories using forensic techniques. - Align SIEM rules and alerts with the CLIENTs security poClienties and compliance requirements. - Conduct computer forensic investigations, including examining running processes, identifying network connections, and disk imaging. - Maintain and support the operational integrity of SOC toolsets. - Collaborate with SIEM solution vendors for updates, patches, and support to ensure the system's reliability and effectiveness. - Maintain thorough documentation of the SIEM system's configuration, procedures, and incident response plans. - Proactively identify and report system security loopholes, infringements, and vulnerabilities to the Security Operations Centre Manager in a timely manner. - Work closely with other IT and security teams during incident response, coordinating efforts and sharing information to mitigate security incidents effectively. - Ensure that the SIEM system helps the CLIENT meet regulatory compliance requirements and is ready for security audits. - Continuously optimize the SIEM system for efficient performance, ensuring it can handle the volume of data and remain responsive. - Develop automation scripts and workflows to streamline common security response tasks and enhance efficiency. (ref:hirist.tech)

Location: mumbai, IN

Posted Date: 4/25/2025