SOC Engineer

Introduction
SOC Engineer (L1) would work closely with the SOC team and be responsible for SIEM engineering activities such as log source integration Use case development and enhancement Rule tuning dashboard and report development and Platform upgradation.
Support the incident response team during an incident.

Your Role and Responsibilities

• Responsible for QRadar operations and maintenance administration of underlying Operating system
• Person Will be responsible for Incident Validation Incident Analysis Solution Recommendation Resolve Escalations Maintain Knowledge base/play book creation. Rule base Management General SOC Administration Resolve user queries
• Log source integration and troubleshooting
• Incident Triage – incident classification and prioritization.
• Incident response by escalating qualified incidents to SOC in-charge / Project Manager.
• Preparing Incident Dashboard and Health check dashboards
• Periodic Patch upgrade and system upgrades
• Person should have worked on IBM QRadar or similar tool
• Person should have prior hands-on experience in FortiGate / Checkpoint Firewall and / or End-point security
• Willing to work in 24×7 rotation shift including night shifts

Required Technical and Professional Expertise

• 1 to 2 years Working experience in L1 analytics like incident detection triaging and basic analysis using any one of the SIEM tools like Qradar
• Experience in report management using SIEM tools
• Experience in ITIL process for Incident change and problem management
• Knowledge in TCP/IP and OSI/ISO Model
• Basic knowledge in routing and routing protocols
• Knowledge in IP addressing and subnetting
• Good understanding of various attacks like Port scan network scan ddos malware virus worms ransomware cross-site scripting cross-site scripting forgery attacks Sql Injection
• Experience in ticket creation and tracking using ITIL Process
• Experience in maintaining and updating Help files device inventory and run books
• Basic understanding of Cloud computing
• Basic understanding and use of dashboards use cases reports rule tuning log sources in SIEM
• Basic understanding on threat intelligence and on threat intelligence feeds

Preferred Technical and Professional Expertise

• Certifications: CEH or Comptia Security+ or Qradar foundations or Equivalent
• Ambitious individual who can work under their own direction towards agreed targets/goals and with creative approach to work
• Intuitive individual with an ability to manage change and proven time management
• Proven interpersonal skills while contributing to team effort by accomplishing related results as needed
• Up-to-date technical knowledge by attending educational workshops reviewing publications
• Scripting knowledge in python json shell scripting