SOC Analyst
Gurugram, HR, IN
Requisition Number: 91872
Role Description:
The SOC Analyst II is responsible for detecting and reporting cybersecurity incidents to clients. The SOC Analyst II is responsible for day-to-day cybersecurity monitoring using Insight’s security tools, which are used to monitor and secure our clients’ business. SOC Analysts II are accountable for detecting threats, creating incident tickets, assisting with the response process, acting as the escalation point for SOC I Analysts, assisting the team in developing threat detection and prevention capabilities, and equipping clients to optimize their cybersecurity incident response capabilities. The SOC Analyst II will participate in a team of analysts.
The SOC Analyst II is also responsible for identifying automation opportunities both for the SOC incident handling and for automated response.
Essential Function of the role:
- Participate in the daily cybersecurity threat monitoring of Insight Managed Security Services (MSS) clients
- Monitor the SIEM incident queue, perform incident triage and ticketing, and support incidents through to resolution.
- Act as escalation point and provide guidance to SOC I staff and clients.
- Perform threat analysis on events reported by security technologies supported by MSS.
- Identify indicators of compromise within threat events.
- Identify potential false positives, policy violations, intrusion attempts and compromises.
- Enrich security events with intelligence from multiple technologies, open-source intelligence sources, and knowledge of the client environment.
- Provide support to the L1 and other L2 SOC Analysts.
- Document problems and resolution for future reference.
- Support customer service requests as needed.
Preferred Skills:
- Proficient in triaging security incidents in a SIEM platform (Microsoft Sentinel).
- Proficient in Endpoint Detection & Response technologies (M365 Defender).
- Proficient in using KQL for performing incident analysis.
- Knowledge of ServiceNow ticketing system preferred.
- Ability to document problems and resolution for future reference.
- Strong written communication skills.
- Participate with other teams in a collaborative effort to support security operations.
- Stay up to date on the latest tools and technologies that deliver value to clients and perform
- Participate in new security operations initiatives.
Preferred Attributes:
- Bachelor’s Degree in Cybersecurity, Computer Science, Information Technology or related experience.
- Position requires 3-5 years hands-on experience within a Security Operations Center.
- Working knowledge of scripting and query languages (preferably KQL)
- Experience with Microsoft Sentinel, M365 Defender, Secureworks Taegis, ServiceNow.
- Experience with Cloud based services (Azure).
- Strong analytical abilities and professional communication skills.
- Excellent troubleshooting skills needed.
Insight is an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, sexual orientation or any other characteristic protected by law.
Insight India Location: Level 16, Tower B, Building No 14, DLF Cyber City in IT/ITES SEZ, Sector 24 & 25 A, Gurugram, Gurgaon, HR 122002, India
Job Segment:
Computer Science, Cyber Security, Open Source, Technology, Security