RingCentral

Security Operations Center Analyst

RingCentral · Bengaluru, Karnataka, India

  • On site
  • Full-time
  • ₹2,500,000 / year
  • Bengaluru, Karnataka, India

Job highlights

  • Implement comprehensive security monitoring and incident response programs.
  • Analyze security events, investigate alarms, and resolve cases.
  • Generate actionable analysis and threat intelligence from data.
  • Maintain documentation and provide feedback for process improvement.
  • Participate in on-call rotations for a secure cloud environment.

About the role

Security Operations Center Analyst at RingCentral

It’s not everyday that you consider starting a new career. We’re RingCentral, and we’re happy that someone as talented as you is considering this role.

First, a little about us, we’re the global leader in cloud-based communications and collaboration software. We are fundamentally changing the nature of human interaction—giving people the freedom to connect powerfully and personally from anywhere, at any time, on any device.

We’re a $2 billion company that’s growing at 30+% annually.

We are currently looking for a Security Operations Center Analyst.

About the Role

As a Security Operations Center Analyst at RingCentral, your primary responsibilities are to implement a comprehensive security monitoring, incident response and threat intelligence program for RingCentral’s global cloud service, corporate and development environments. You will also be collaboratively providing feedback to improve security operations processes, generating actionable analysis and threat intelligence from tools, logs, and other data sources, ensuring strong documentation is in place to support ongoing SOC activities, and reporting your observations to other Security, Operations and IT personnel.

Successful candidates will:

  • Have proven skills in application security, security monitoring, incident response and intrusion analysis
  • Have strong knowledge of the diverse methods and technologies used to attack web/mobile/desktop applications, SaaS infrastructure, and data
  • Think critically, work well under pressure, and possess strong analytical, written, verbal, and interpersonal skills
  • Demonstrated track record of quality processes in candidate’s work history
  • Be strongly self-motivated with an an aptitude for both individual and team-oriented work
  • Have experience following and refining standard operating procedures and playbooks

Responsibilities

  • Monitor security events, analyze and investigate alarms, and maintain day-to-day operational activities of a secure cloud environment
  • Engage teams within and outside of RingCentral to mitigate and resolve cases
  • Maintain relevant documentation and audit artifacts
  • Identify and track suspicious system activity
  • Identify trends and patterns, and present them to Security Engineers to enhance our processes and systems
  • This role participates in on-call rotations

Qualifications / Requirements

  • 4+ years in a security engineering, SRE, or SOC roles in a cloud services environment
  • Experience with SIEM
  • Experience investigating security incidents
  • Basic knowledge AWS or GCP
  • Experience with IDS, case management, and related tools and practices
  • Experience with Linux, RedHat preferred
  • Basic knowledge of broad security topics such as encryption, application security, malware, ransomware, etc.
  • Knowledge of network, VoIP and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, SIP, RTP)

Preferred Skills/Experience

  • Any combination of the following certifications: GCIA, GCIH, GCFA, GNFA, GCFE, GASF, GICA, GCTI, GPEN, GWAPT, GPYC, OSCP
  • Experience using Crowdstrike, Cloudflare, FirePower, Splunk, ELK, Imperva, Syslog, packet capture, and Windows Event Log tools and similar tools
  • Knowledge of current hacking techniques, malicious code trends, botnets, exploits, malware, DDoS, and data breach events
  • Strong knowledge of Microsoft Windows
  • Experience automating security tasks, including scripting, programming and/or SecDevOps
  • Experience working with global teams

Key skills/competency

  • Security Monitoring
  • Incident Response
  • Threat Intelligence
  • SIEM
  • Cloud Security (AWS/GCP)
  • Linux
  • Intrusion Analysis
  • Network Security
  • Automation
  • Vulnerability Management

Skills & topics

  • Security Operations Center Analyst
  • SOC Analyst
  • Security Analyst
  • security monitoring
  • incident response
  • threat intelligence
  • intrusion analysis
  • security events
  • log analysis
  • case management
  • security processes
  • data analysis
  • reporting
  • SIEM
  • AWS
  • GCP
  • IDS
  • Linux
  • Splunk
  • Crowdstrike
  • Cloudflare
  • FirePower
  • ELK

How to get hired

  • Research RingCentral's culture: Study their mission, values, recent news, and employee testimonials on LinkedIn and Glassdoor.
  • Tailor your resume: Highlight extensive experience in SOC, incident response, and cloud security environments.
  • Showcase technical prowess: Emphasize expertise in SIEM, AWS/GCP, Linux, and specific security tools like Splunk.
  • Prepare for behavioral questions: Focus on problem-solving, critical thinking, teamwork, and handling high-pressure situations.
  • Network strategically: Connect with current RingCentral security professionals on LinkedIn to gain insights and express interest.

Technical preparation

Review SIEM platforms and practices.,Brush up on AWS/GCP security fundamentals.,Practice Linux command-line security tasks.,Study network and VoIP protocols.

Behavioral questions

Describe a security incident you handled.,How do you prioritize multiple alerts?,Explain your approach to teamwork.,How do you manage work under pressure?

Frequently asked questions

What does a Security Operations Center Analyst do at RingCentral?
As a Security Operations Center Analyst at RingCentral, you will implement security monitoring, incident response, and threat intelligence programs for global cloud services, corporate, and development environments. This includes analyzing security events, investigating alarms, providing feedback for process improvement, and generating actionable threat intelligence.
What kind of work schedule can I expect for the SOC Analyst role in Bangalore?
The Security Operations Center Analyst role in Bangalore operates on a full-time schedule, typically involving a '2 days on (12 hrs) and 2 days off' rotation. This structure is common for SOC environments to ensure continuous coverage.
What specific cloud platforms should I be familiar with for this RingCentral position?
For this Security Operations Center Analyst role at RingCentral, basic knowledge of either Amazon Web Services (AWS) or Google Cloud Platform (GCP) is required. Experience with cloud services environments is a key qualification.
Are there opportunities for professional development or certifications at RingCentral for SOC Analysts?
While not explicitly stated, RingCentral lists a range of preferred certifications such as GCIA, GCIH, OSCP, and others. This indicates the company values continuous learning and professional development in security, suggesting potential support or recognition for pursuing these credentials.
How critical is incident response experience for the Security Operations Center Analyst role?
Incident response experience is critical for the Security Operations Center Analyst role at RingCentral. Your primary responsibilities include implementing incident response programs, investigating security incidents, and engaging teams to mitigate and resolve cases effectively.
What documentation standards are expected from a SOC Analyst at RingCentral?
A SOC Analyst at RingCentral is expected to maintain relevant documentation and audit artifacts. Strong documentation practices are essential to support ongoing SOC activities and ensure clear communication and record-keeping within the security team.
How does RingCentral's SOC utilize threat intelligence?
RingCentral's SOC uses threat intelligence by requiring analysts to generate actionable analysis and threat intelligence from various tools, logs, and data sources. This intelligence helps in enhancing processes and systems, identifying trends, and improving overall security posture.
What collaboration tools does RingCentral use for security incident management?
While specific collaboration tools are not mentioned, the job description states that the analyst will 'engage teams within and outside of RingCentral to mitigate and resolve cases,' implying the use of standard communication and collaboration platforms to facilitate incident management across departments.
What are the key security technologies used in RingCentral's SOC environment?
RingCentral's SOC environment utilizes various security technologies. Required experience includes SIEM and IDS, while preferred experience lists tools such as Crowdstrike, Cloudflare, FirePower, Splunk, ELK, Imperva, Syslog, packet capture, and Windows Event Log tools.
Is prior experience with VoIP protocols important for this role?
Yes, knowledge of VoIP related protocols (e.g., SIP, RTP) is specifically listed under qualifications/requirements. Given RingCentral's focus on cloud-based communications and collaboration software, understanding these protocols is important for a Security Operations Center Analyst.