Job opportunity for SOC Analyst L2 for one of IT consulting firm

Job Description:

At least one SIEM solution certifications with one or more SIEM/ Security solutions (i.e., RSA NetWitness, Splunk ES, Elastic ELK, HP ArcSight, IBM QRadar Log Rhythm). • Minimum overall 5 years of experience in handling security related products & services in a reputed organization out of which 3 years’ experience should be in SIEM solution. • Person should have adequate knowledge of security devices like firewalls, IPS, Web Application Firewall, DDOS, EDR, Incident response, SOAR and other security devices • Administration of SIEM environment (e.g.: deployment of solution, user management, managing the licenses, upgrades and patch deployment, addition or deletion of log sources, configuration management, change management, report management, manage backup and recovery, etc.) • Construction of SIEM content required to produce Content Outputs (e.g., filters, active lists, correlation rules, reports, report templates, queries, trends, variables) • Integration of customized threat intelligence content feeds provided by the Threat Intelligence & Analytics service • Identifies possible sensor improvements to prevent incidents • Collects/updates threat intelligence feeds from various sources • Creates situational awareness briefings • Co-ordinates with the different departments for incident analysis, containment and remediation • Liaise with Security monitoring team to discover repeatable process that lead to new content development • Provides engineering analysis and architectural design of technical solutions • Knowledge of networking protocols and technologies and network security • Sound analytical and troubleshooting skill

If only ArcSight experience or  ArcSight+NGSOC pls check with the candidates

Job type- FTE