
SOC Analyst
Qualitest · Bengaluru, Karnataka, India
- On site
- Full-time
- ₹400,000 / year
Job highlights
- Monitor and analyze security events and incidents.
- Respond to security alerts using SIEM and other tools.
- Collect and analyze logs for investigations.
- Manage incidents through ITSM platform.
- Collaborate with IT support and SOC Lead.
About the role
Qualitest is seeking a vigilant SOC Analyst to join our Security Operations Center. In this role, you will be responsible for monitoring, analyzing, and responding to security incidents, ensuring the protection of our systems and data. You will work with various security tools, analyze logs, and manage incidents through their lifecycle.
Key Responsibilities
- Acknowledge, analyze, and validate incidents triggered from correlated events through SIEM solutions.
- Acknowledge, analyze, and validate incidents received through other reporting mechanisms such as email, phone calls, management directions, etc.
- Collect necessary logs to aid in incident containment and security investigation.
- Escalate validated and confirmed incidents to the SOC Lead.
- Undertake first stages of false positive and false negative analysis.
- Understand the structure and meaning of logs from various sources like Firewalls, IDS, Windows Domain Controllers, Cisco appliances, AV and antimalware software, email security, etc.
- Open incidents in the ITSM Platform to report triggered alarms or detected threats, ensuring all details, logs, alarms, and indicators are properly documented per the intervention protocol and SLA.
- Track and update incidents and requests based on client updates and analysis results.
- Report infrastructure issues to the IT support team.
- Perform other duties related to the position.
Essential Skills and Qualifications
- Knowledge and hands-on experience in the management of McAfee EDR, CrowdStrike, ENS, DLP, CASB, and other security products.
- Experience with Security Information and Event Management (SIEM) tools like LogRhythm and McAfee, including creation of basic correlation rules and SIEM administration.
- Expertise in TCP/IP network traffic and event log analysis.
- Knowledge of ITIL disciplines such as Incident, Problem, and Change Management.
Expectations
- Experience: 0 - 4 years.
- The SOC Engineer will be responsible for monitoring, reporting, and escalating events to our SOC Manager.
- The primary function of this position is to monitor analytics tools, perform alert management, and initial incident qualification.
- This role reports to the SOC Manager.
- Bachelor’s degree with CEH certification is required.
- Joining time / Notice Period: Immediate joining.
- Shift Timings: Rotational Shifts.
- Location: 100% working from the Bangalore office.
Must-Haves
- SIEM: 4/5
- Networking: 4/5
- ITSM: 3/5
Key Skills/Competency
- SIEM
- Log Analysis
- Incident Response
- Network Security
- Endpoint Security
- ITSM
- ITIL
- Cybersecurity
- McAfee EDR
- CrowdStrike
Skills & topics
- SOC Analyst
- Cybersecurity
- SIEM
- Incident Response
- Network Security
- Log Analysis
- McAfee EDR
- CrowdStrike
- ITSM
- CEH
How to get hired
- Tailor your resume: Highlight SIEM, networking, and ITSM experience. Quantify achievements.
- Showcase certifications: Emphasize your CEH and any other relevant security credentials.
- Prepare for technical questions: Be ready to discuss TCP/IP, log analysis, and SIEM tools.
- Understand ITIL: Demonstrate familiarity with Incident, Problem, and Change Management.
- Be available for immediate joining: Highlight your ability to start quickly.
Technical preparation
- Master SIEM correlation rules and SIEM administration.
- Deep dive into TCP/IP and network traffic analysis.
- Practice analyzing logs from diverse security sources.
- Familiarize yourself with McAfee EDR and CrowdStrike operations.
Behavioral questions
- Describe a complex security incident you handled.
- How do you prioritize multiple security alerts?
- Explain your process for false positive analysis.
- How do you stay updated on cyber threats?
Frequently asked questions
- What is the experience level required for the SOC Analyst role at Qualitest?
- Qualitest is looking for a SOC Analyst with 0-4 years of experience. This entry to mid-level role is suitable for individuals starting their career in cybersecurity or those with a few years of relevant experience.
- What are the key technical skills needed for the SOC Analyst position?
- Essential technical skills include hands-on experience with SIEM tools (like LogRhythm and McAfee), network traffic and event log analysis (TCP/IP expertise), and knowledge of security products such as McAfee EDR, CrowdStrike, ENS, DLP, and CASB.
- Is a Bachelor's degree and CEH certification mandatory for the SOC Analyst job?
- Yes, a Bachelor's degree along with a CEH certification is a mandatory requirement for the SOC Analyst position at Qualitest.
- What is the work arrangement for this SOC Analyst role?
- This SOC Analyst position requires 100% of the working hours to be spent in the Qualitest Bangalore office, operating on rotational shifts.
- What are the primary tools and platforms used by the SOC Analyst at Qualitest?
- The SOC Analyst will primarily use SIEM solutions (LogRhythm, McAfee), endpoint security tools (McAfee EDR, CrowdStrike), and an ITSM Platform for incident management. Familiarity with firewalls, IDS, and email security systems is also crucial.
- How important is ITIL knowledge for this SOC Analyst role?
- Knowledge of ITIL disciplines, particularly Incident, Problem, and Change Management, is important for the SOC Analyst role, as it aligns with the incident management processes within the Security Operations Center.
- What are the 'must-have' skills for this SOC Analyst position?
- The 'must-have' skills for this SOC Analyst role are a strong proficiency in SIEM (rated 4/5), solid understanding of Networking concepts (rated 4/5), and experience with ITSM platforms (rated 3/5).
- Can I apply for the SOC Analyst role if I have more than 4 years of experience?
- While the ideal experience range is 0-4 years, exceptional candidates with slightly more experience who demonstrate a strong fit for the core responsibilities and skills may still be considered. However, the role is primarily geared towards individuals within this specified range.