Executive – SOC Analyst (L2)

About Globals:

Globals has drastically grown from a small home office to a globally recognized enterprise offering world-class quality solutions on Cloud, ERP Systems, Predictive Analytics and Enterprise Application Development for various industries including Education, Government, Media & Online Services, and Financial Services and to Independent Software Vendors. Globals has enabled its customers to be game changers in their industry through its disruptive and innovative solutions.

Globals has been rated for its great work culture, which helps its team members manage work-life balance, gives them dedicated hours to upskill and reskill themselves and, most importantly, ensures that the projects they work on are always unique, challenging their status quo every time. Our unique work culture has made us one of the world's fastest growing technology companies, as recognized and featured by The Economist.

Our excellence in technical stewardship and service-offering expertise has enabled our clients, ranging from individual entrepreneurs to the Fortune Global 500, to explore new business opportunities, reduce their operational costs significantly and boost their revenues. Today, Globals enjoys a strong position in the industry as a high-performing leader through its technology innovation and remarkable domain expertise.

Globals is a CMMI Level 3 certified company.

About the Job Role:

The Security Operations / SOC Analyst works within the Security Operations Centre to monitor security alerts, respond to and remediate detected issues, and work with the Incident Management process to remove threats and vulnerabilities within the organization. This role collaborates with other Information Security and IT Operations teams to maintain a secure environment and to provide incident response capabilities. This position will be responsible for performing security event analysis, incident response, and other related activities as part of a global 24x7x365 organization.

Responsibilities:

  • Analyse and respond to previously undisclosed software and hardware vulnerabilities.
  • Knowledge of various operating system flavours including but not limited to Windows, Linux, Unix.
  • Knowledge of common Internet protocols and applications.
  • Knowledge of various tools such as SIEM, SSL, packet analysis, HIPS/NIPS, network monitoring tools, Remedy, ServiceNow ticketing toolset, web security, AV, UEBA, advanced SOC tooling.
  • Monitoring and analysis of cyber security events with the use of Splunk, QRadar (SIEM), IDS, Cylance, RedCloak, McAfee antivirus and other tools.
  • Triage security events and incidents, detect anomalies, and report remediation actions.
  • Further analysis of phishing emails reported by internal end users and SOC L1.
  • Follow up on remediation activities and handle the escalated incidents and alerts.
  • Investigate security breaches and other cybersecurity incidents.
  • Install security measures and operate software to protect systems and information infrastructure, including firewalls and data encryption programs.
  • Document security breaches and assess the damage they cause.
  • Provide documentation of work through a variety of communications such as ticketing, operational briefs, and status reports.

Requirements:

  • Minimum of 2 years of experience in Cyber security, SOC or relevant discipline.
  • Knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management, etc.
  • Knowledge of TCP/IP protocols, network analysis, and network/security applications.
  • Proficient in incident management and response.
  • Previous experience working in a Security Operations Centre (SOC), dynamic and/or malware analysis.
  • Complete understanding of firewalls, proxies, SIEM, antivirus, and IDPS concepts.
  • Ability to identify and mitigate network vulnerabilities and explain how to avoid them.
  • Understanding of patch management with the ability to deploy patches in a timely manner while understanding business impact.
  • Certification in RHCSA or RHCE or equivalent.
  • At least one of the following certifications: GCFA/GCF/CISP/CISSP/CCNP/CEH or equivalent.

Qualifications:

  • BE/B.Tech/M.Tech/MSc/MCA qualification in CS/IS/E&C or equivalent.