Soc analyst

Company Profile Federal Soft Systems is a certified Great Place to Work American-based digital transformation IT products company that specializes in offering AI/ML Products, Secure Application Development, App Development, Testing Services, Custom Application Development Digital Marketing, and Cloud Solutions to various business verticals. FSS is an equal opportunity and inclusive employer and is committed to providing a workplace free of discrimination and harassment. All qualified applicants will receive equal consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or disability. Position: SOC AnalystsExperience:5+ YearsNotice period:immediate-30 DaysLocation: BangaloreDetailed Job Description: · Splunk Enterprise Security · Security Information Event Management (SIEM) · Incident Response · Malware Analysis · Forensics · Threat Monitoring · Cyber Security Operations · Cyber Threat Response · Cyber Threat Hunting · Cyber Investigation · Alarm triage · Security Orchestration Automation Response (SOAR) · Phishing analysis · Phishing mitigation · MITRE ATT CK Matrix · Kill Chain • Support the technical analysis of SIEM alerts as requested by the triage team. • Support the content creation pipeline for new threats identified because of an incident, threat intelligence or vulnerability. • Identify any technology gaps and contribute to designing solutions to address them. • Support the automation effort to streamline and accelerate triage response. • Drive projects initiates and control enhancements. • Promote core values, team building, and upskilling of junior analysts. Core Duties • Event Triage and Analysis –investigate SIEM/SOAR events as necessary; bring experience in malware analysis, network/endpoint security to respond and contain incidents. • Content Development - Support the creation countermeasures and mitigations in response to an incident or threat actor technique. • Threat Hunting - Support the operational driven inputs (e.g., on the heels of an incident or event) into threat hunting and help build countermeasures/mitigations to detect commodity and targeted threats. • Automation - Identify areas for automation and facilitate the creation of automation use cases and support their implementation. Powered by Webbtree