SOC Analyst

About Globals:

Globals has drastically grown from a small home office to a globally recognized enterprise offering world-class quality solutions on Cloud, ERP Systems, Predictive Analytics, and Enterprise Application Development for various industries including Education, Government, Media & Online Services, Financial Services, and Independent Software Vendors. Globals has enabled its customers to be game-changers in their industry through its disruptive and innovative solutions. Globals is certified as a "Great Place to Work" organization for its great work culture that helps its team members manage work-life, have dedicated hours to up skill and reskill themselves, and most important to ensure that the projects that they are working on are always unique, challenging their status quo every time. Our unique work culture has made us one of the world’s fastest- growing technology companies as recognized and featured by The Economist. Our excellence in technical stewardship and service-offering expertise has facilitated our clients ranging from individual entrepreneurs to Fortune Global 500 – to explore new business opportunities, reduce their operational costs significantly and boost their revenues. Today, Globals enjoys a strong position in the industry as a high-performing leader through its technology innovation and remarkable domain expertise.

About the Job Role:

The Security Operations / SOC Analyst works within the Security Operations Centre to monitor security alerts, respond and remediate detected issues, and work with the Incident Management process to remove threats and vulnerabilities within the organization. This role collaborates with other Information Security and IT Operational teams to maintain a secure environment and for incident response capabilities. This position will be responsible for performing security event analysis, incident response, and other related activities as part of a global 24x7x365 organization.

Responsibilities:

  • Experience of at least 3 years in using SIEM / SOAR Platform, SIEMPLIFY / SPLUNK
  • Monitoring and analysis of cyber security events with the use of QRadar (SIEM), IDS, Cylance,RedCloak, McAfee antivirus and other tools.
  • Execution of SOC procedures.
  • Triage security events and incidents, detect anomalies, and report remediation actions.
  • Ensure completeness of the incident information.
  • Analysis of phishing emails reported by internal end users.
  • Escalation of incidents to be handled to L2 SOC team, when relevant.
  • Follow up on remediation activities.
  • Triage on general information security tickets.
  • Investigate security breaches and other cybersecurity incidents.
  • Install security measures and operate software to protect systems and information infrastructure,including firewalls and data encryption programs.
  • Document security breaches and assess the damage they cause.
  • Provide documentation of work through a variety of communications such as ticketing,operational briefs, and status reports

Qualifications & Experience Requirements:

  • Previous experience working in a Security Operations Centre (SOC),dynamic and/or malware analysis
  • Understanding of firewalls, proxies, SIEM, antivirus, and IDPS concepts.
  • Ability to identify and mitigate network vulnerabilities and explain how to avoid them.
  • Understanding of patch management with the ability to deploy patches in a timely manner while understanding business impact.
  • Engineering Graduate required