Having 1+ years of relevant experience in Information Security; currently working as a Security Analyst (Security Operations Center team).
Hands-on experience in Threat Analysis, Security Monitoring, and Operations.
Experience with SIEM (Security Information and Event Management) tools such as Splunk and QRadar.
Monitoring real-time events using Splunk and QRadar.
Preparing reports as per client requirements.
Investigating security threats, performing threat analysis, creating cases, and forwarding them to the onsite SOC team for further investigation and action.
Experience in performing log analysis, malware analysis, and DLP, and in analyzing critical alerts on an immediate basis.
Filling out the daily health checklist.
Recognizing attacks based on their signatures.
Experience
Working in a Security Operations Center (24x7), monitoring SOC events, and detecting and preventing intrusion attempts.
Responding to various security alerts and incidents for various clients, and scanning for vulnerabilities using tools such as Nessus.
Monitoring real-time events using SIEM tools such as Splunk and QRadar.
Monitoring, analyzing, and responding to infrastructure threats and vulnerabilities.
Collecting logs from all network devices and analyzing them to find suspicious activity.
Investigating security logs and mitigation strategies, and responsible for preparing generic security incident reports.
Monitoring 24x7 for security alerts and targeted phishing sites using the SIEM tool, with the help of technologies such as Watermark, Referrer, and the Abuse mailbox.
Website Anti-Malware monitoring and real-time alerting based on anomalies detected.
Malware analysis using a sandbox (Cuckoo).
Configured reports in Splunk Logger as per requirements.
Maintenance of Splunk products, including health checks, Splunk reports, and dashboards.
Responsible for preparing root cause analysis reports based on the analysis.
Analyzing daily, weekly and monthly reports.
Creating tickets in the ticketing tool.
Having Good communication skills, both verbal and written, with the ability to express complex
Ability to collaborate and communicate effectively and respectfully with both business-oriented
Experience in performing security monitoring and incident response activities in an advanced.