Jobs for People with MS: National MS Society

Job Information

BlackBox Security Operation Center - Analyst level 1 in Mumbai, India

Job Description:

  • Security Operation Engineer - Tier 1 will be responsible for incident monitoring, analysis, content development, and use case creation.

  • They will be responsible for content creation and fine-tuning based on the requirement.

  • Give incident description and recommendation as per security best practices.

  • Generate reports from SIEM tools daily/weekly/monthly and submit them to clients with analysis.

  • Willing to work in 24/7 shift

  • Coordinating with Support Team / Cross Domains to fix technical issues

  • Responding to alerts from the various monitoring/detection systems and platforms within defined SLAs.

  • Interact with users, drive security incidents end to end, and coordinate with different technology teams to resolve the incident.

  • Analyze data and events within the SIEM or SOAR for prioritization and priority elevation

Requirements:

  • Relevant experience of 1-2 years.

  • Basic understanding of cybersecurity principles and general knowledge of cybersecurity technologies, as well as industry-recognized certifications

  • Understanding of possible attack activities such as network probing/scanning, DDoS, malicious code activity, etc.

  • General knowledge of the capabilities and/or configuration of cybersecurity controls, specifically those relating to firewalls, access control, authentication, anti-virus/anti-malware, patching, and logging

  • Understanding of fundamental networking protocols such as TCP/IP, DNS, HTTP, DHCP, etc.

  • Demonstrate capability to make sound decisions based on good security practices and principles

  • Demonstrate an understanding of business principles and operational security practices specific to engineering and/or security consulting

  • Able to take ownership of tasks and see them through to completion.

  • Willingness to learn, absorb and correlate technical information and then be able to interpret and simplify it.

Endpoint Protection (EDR/Crowdstrike)

  • Health/status check of the server & reporting on endpoints

  • Block connections to malicious URLs, vulnerability scanning & patching, identify blacklisted/unsupported software usage on endpoints

  • Monitoring network traffic for suspicious behavior.

  • Creating network policies and authorization roles and defending against unauthorized access, modifications, and destruction.
