Description :
As a Security Analyst (Tier 1), you will be responsible for monitoring in-house and client security alerts/incidents while working in shifts.
Primary responsibilities include monitoring SIEM platform triaging alerts, work to cover 24/7 service with (8+1) hour work shifts.
Participating in threat-actor based investigations, suggesting new detection methodologies and providing expert support to alerting, incident response and monitoring functions.
Day to day operations involves dealing with SIEM Monitoring, various reporting and security incident handling.
Requirements :
Experienced with data analysis, centralized logging (Splunk. QRadar, ELK, Kafka, rsyslog, etc.);
Scripting and development skills (BASH, Perl, Python or Java) with strong knowledge of regular expressions.
Capability to develop use cases or additional detection capabilities based on the SIEM query language, understanding of incident response.
Skill to analyze large data sets and unstructured data, manually or using tools to identify trends and anomalies indicative of malicious activity.
Linux incident handling skill would be ideal
Knowledge of current security threats, techniques and landscape, and dedicated desire to research current information security landscape.
Experience in analyzing networking protocols, firewalls, host and network IPS, Linux, virtualization containers technologies, databases, web servers.
