L2 SOC Lead

UST

  • Thiruvananthapuram, Kerala Kochi, Kerala
  • Permanent
  • Full-time
  • 2 months ago
Job Description:L2 SOC LeadExperience : 7 to 9 yearsLocation : Bangalore/Trivandrum/KochiCompany: CyberProof, A UST CompanyAbout CyberProofCyberProof is a leading cyber security services and platform company dedicated to helping customers react faster and smarter to security threats. We enable enterprises to create and maintain secure digital ecosystems through automation, threat detection, and rapid incident response. As part of the UST family, we are trusted by some of the world’s largest enterprises. Our Security Operations Group is composed of a global team of highly skilled cyber security professionals, with our tier 3-4 expertise rooted in Israeli IntelligenceCyberproof is looking to hire a L2 team Lead for managing the existing shared services team.Role Proficiency:SOC Analyst L2 is an operational role, focusing on ticket quality and security incident deeper investigation and will be responsible to handle the escalated incidents from Level 1 team within SLA. The lead will be responsible for quality and ensuring processes are defined globally across all customers in Cyberproof.Responsibilities:
  • SOC Analyst L2 would work closely with SOC L1 team, L3 team & customer and responsible for performing deeper analysis and need to interact with client in daily calls and need to take the responsibility of handling the True Positive incidents on time.
  • When L1 escalates an incident to L2, need to conduct more analysis and, if needed, escalate to the customer/L3 team, or L2 analyst must advise L1 team members until the incident is resolved.
  • Perform deep analysis to security incidents to identify the full kill chain
  • Handle L2 and above level technical escalations from L1 Operations team and resolve within SLA.
  • Identify the security gaps and need to recommend new rules/solution to L3/Customer
  • Need to suggest finetuning for existing rules based on the high count/wherever required
  • Create and manage the Incident handling playbook, process runbooks and ad-hoc documents whenever needed
  • Respond to clients’ requests, concerns, and suggestions
  • Proactively support L1 team during an incident.
  • Performs and reviews tasks as identified in a daily task list.
  • Ready to work in 24x7 rotational shift model including night shift
  • Incident detection, triage, analysis and response.
  • Coordinating with customers for their security related problems and providing solutions.
  • Share knowledge to other analysts in their role and responsibilities
  • Provide knowledge transfer to L1 such as advance hunting techniques, guides, cheat sheets etc
Knowledge Experience:
  • Experience of Managing L2 resources in a multi-location basis.
  • Minimum of 3 years of experience in Cyber security, SOC
  • At least 2 years of working in the SOC
  • Proficient in Incident Management and Response
  • Experience in leading a team of more than 9 analysts
  • Experience in searching and log analysis in at least 2 of the below SIEM tools or more than 3 SIEM in total: Sentinel, QRadar, Splunk, LogRhythm, Google Chronicle
  • Experience in analysis and response in at least 2 of the below EDR tools or more than 3 EDR in total:Crowd strike, MS Defender, Carbon Black, Cybereason, Sentinel One
  • In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc.
  • Up to date in cyber security and incidents; intermediate understanding of enterprise IT Infrastructure including Networks Firewalls OS Databases Web Applications etc.
  • Understanding of ISMS principles and guidelines; relevant frameworks (e.g. ISO27001)
  • Desirable – Training / Certification in Ethical Hacking/SIEM Tool etc.
Additional Desired Skills:
  • Strong verbal and written English communication
  • Strong interpersonal and presentation skills
  • Ability to work with minimal levels of supervision
  • Responsible for working in a 24x7 Security Operation centre (SOC) environment.
Essential Skills:
  • Knowledge and hands-on experience with Azure Sentinel, Microsoft 365 Defender, Microsoft Defender for Cloud Apps & Identity Protection.
Continuous Learning innovation and optimization:
  • Ensure completion of learning programs as suggested by Managers
  • Suggest ideas that will help innovation and optimization of processes. Help develop the ideas into proposals.
  • Provide suggestions to reduce the manual work Teamwork
  • Assist L1 team members where possible.
About Company:UST is a global digital transformation solutions provider. For more than 20 years, UST has worked side by side with the world’s best companies to make a real impact through transformation. Powered by technology, inspired by people and led by purpose, UST partners with their clients from design to operation. With deep domain expertise and a future-proof philosophy, UST embeds innovation and agility into their clients’ organizations. With over 30,000 employees in 30 countries, UST builds for boundless impact—touching billions of lives in the process.

UST