About the Role - IT Cybersecurity L2 SOC Analyst - RSA NetWitness - 12 months
Responsibilities -
- Monitors and responds to threats in information technology environments, protecting critical infrastructure.
- This role involves advanced threat detection, incident analysis and escalation, and working with IT teams to ensure IT system security and compliance.
- Hands-on administration of the RSA NetWitness SIEM and other industry-best tools.
- Work with the CISO GRC and respective departments to follow up on closure of open incidents within the agreed SLA.
- Periodically review use cases and coordinate closely with the IT support team to validate and implement them, and ensure coverage of security monitoring across the IT landscape.
- Review and reduce the false positives.
- Should be capable of analyzing the identified incidents to highlight the critical ones over the others.
- Should be experienced enough to work directly with the IT teams, SMEs and department teams to explain the identified issues/incidents, and to resolve and escalate them.
- Conduct vulnerability assessments and prioritize remediation efforts based on risk analysis.
- Collaborate with IT teams to ensure timely application of patches and updates to address vulnerabilities.
- Assist in preparing for, participating in and responding to security audits (external and internal), providing necessary documentation and evidence of compliance.
- Utilize advanced threat intelligence techniques, behavior analysis and anomaly detection to identify and mitigate all identified threats.
- Knowledge of the MITRE ATT&CK knowledge base of adversary tactics and techniques based on real-world observations.
- Develop and refine detection rules and YARA rules.
- Perform in-depth analysis of incidents, including identifying the root cause, and conduct initial containment, eradication, and recovery efforts for identified incidents.