SOC Analyst Jobs in Bangalore - IBM
Job Description
Your Role and Responsibilities
As a Security Analyst - SOC, you are responsible for managing the day-to-day operations of Security Device Management SIEM, incident response, threat hunting, use case engineering, SOC analyst, device integration with SIEM. You are also responsible for identifying, reporting and tracking system vulnerabilities within corporate, commercial and federal assets, ensuring the integrity of the environment.
Daily activities include:
- Operation of various scanning tools in use
- Assessment and analysis of data collected from scan tools
- Tracking and reporting on discovered vulnerabilities and remediation efforts
- Identification of overdue system remediation efforts
- Sourcing and tracking of public and pre-embargoed vulnerability disclosure sources.
- Analysis and reporting of all applicable publicly disclosed zero-day vulnerabilities.
- Coordination with system owners to identify and remediate scan problems
- Coordination with system owners to provide requested details about scan findings, scan methodologies and remediation recommendations
- Assisting Program Managers with reporting and continuous motion on remediation efforts
- General SIEM monitoring, analysis, content development, and maintenance.
- Monitor a strategic, comprehensive corporate, commercial and federal information security monitoring and operation program to ensure the integrity, confidentiality and availability of information owned, controlled or processed by the organization
- Daily security activities related to the protection of corporate and other federal assets including scanning tools and ticketing systems documenting the identification and remediation process for identified system flaws
- Provide information to system owners of flaws identified within that group's responsible systems.
- Ensure that IBM Cloud is in compliance with all applicable Federal, IBM Internal and industry standard directives and policies regarding securing and monitoring of information systems
- Assist in risk assessment duties including reporting and oversight of remediation efforts
- Research, analysis, and response for alerts; including log retrieval and documentation.
- Conduct analysis of network traffic and host activity across a wide array of technologies and platforms.
- Assist in incident response activities such as host triage and retrieval, malware analysis, remote system analysis, end-user interviews, and remediation efforts.
- Enterprise-level experience managing the remediation of vulnerabilities in two or more of the following areas:
  - Server Operating Systems (Windows Server, Red Hat, CentOS)
  - Network (Cisco, Palo Alto, F5, McAfee)
  - Storage (NetApp, CleverSafe)
- Manage multiple projects with various priority levels and timelines from start to finish
- Develop and maintain accurate documentation for internal procedures and services
- Maintain knowledge of outstanding vulnerability management issues and ensure remediation timelines are completed by required guidelines
- Thorough understanding of how to calculate CVSS v2 and v3 adjusted scores
- Must collaborate with other departments to resolve complex issues and be detail oriented
- Ability to automate solutions to repetitive problems/tasks
Required Technical and Professional Expertise
- Overall 5+ years of relevant cyber security experience in IT Security, Incident Response or network security with strong knowledge working in a Security Operations Center.
- Experience with: SIEM (QRadar, Splunk, Nitro, etc.), SOAR (Resilient, Demisto, ServiceNow, etc.), Ticketing (JIRA, ServiceNow, Remedy, etc.)
- Minimum 3+ years of experience in a Security Operations Centre with SIEMs or 3+ years of applicable experience with Linux/UNIX systems in a production environment
- Knowledge of generic information security standards/programs. Understanding of basic network concepts, familiarity with TCP/IP and VLAN functionality
- Experience with risk management, vulnerability management, threat analysis, security auditing, security monitoring, incident response and other information security practices preferred
- Expertise in Security Device Management SIEM, QRadar, incident response, threat hunting, use case engineering, SOC analyst, device integration with SIEM
- Security+, Linux+, GREM, GCFA, GNFA, OSCP, or similar certification preferred
- Experience with the common tools associated with penetration testing (Metasploit, Burp Suite, Kali etc.)
- Ability to effectively code in a scripting language (Python, Perl, etc.)
Job Particulars
Role IT software engineer
Who can apply Freshers and Experienced (0 to 3 Years)
Hiring Process Face to Face Interview
Employment Type 0
Job Id 1267760
Job Category IT/Software , BSc/BCA/BBM
Locality Address
State Karnataka
Country India
About Company
International Business Machines Corporation (IBM) is an American multinational information technology company headquartered in Armonk, New York, with operations in over 170 countries. The company began in 1911, founded in Endicott, New York, as the Computing-Tabulating-Recording Company (CTR) and was renamed 'International Business Machines' in 1924.