Security Analyst Job in Securityhq

Responsibilities Good knowledge of SIEM, SIEM Architecture, SIEM health check. Good verbal/written communication skills. Review of daily health check of SIEM components like collector, processor, console etc. Data archiving and backup and data purging as required and for compliance. Raising change management tickets for SOC Administration activities like Patch upgrade for SIEM etc. Helping L3 and assisting L1 with required knowledge base details and basic documentations. Co-ordination with L1 and SOC Monitoring team on troubleshooting issues and highlighting it to L3 for further resolution and escalation. High ethics, ability to protect confidential information. Work on fine tuning of correlation rules, creation of monitoring dashboards and filtering of traffic. Building of incident reports, check if SLA has been met for incident alerting and incident closure. Update and maintain SOC knowledge base for new security incidents and docs. Creation of daily status report sheet and submit to SOC lead for review. Review advisories and make necessary detection measures. Troubleshooting non-reporting devices and maintain device status. Working with OEM (Tool support) in a way to resolve the issue or incident raised. Administration of Windows Servers on which the tools have been installed. Essential Skills Escalation point for L1 and SOC Monitoring team. Good experience in SIEM administration and event flow architecture and different types of logs generated by devices like Windows, Proxy, Network Devices, Database etc. Good understanding of Firewall, IDP/IPS, SIEM functioning (Generalize HLD as well as LLD). Deep understanding of Windows, DB, Mail cluster, VM and Linux commands. Must have knowledge of onboarding different devices into SIEM Knowledge of network protocols TCP/IP and ports. Team spirit and working ideas heading to resolution of issues. Good verbal/written communication skills.