Job Information
BlackBox Security Operation Center - Analyst level 1 in Mumbai, India
Job Description:
Security Operation Engineer - Tier 1 will be responsible for incident monitoring, analysis, content development, and use case creation.
They will be responsible for content creation and fine-tuning based on the requirement.
Provide incident descriptions and recommendations in line with security best practices.
Generate reports from SIEM tools daily/weekly/monthly and submit them to clients with analysis.
Willingness to work in 24/7 shifts.
Coordinating with Support Team / Cross Domains to fix technical issues
Responding to alerts from the various monitoring/detection systems and platforms within defined SLAs.
Interact with users, drive security incidents end to end, and coordinate with different technology teams to resolve the incident.
Analyze data and events within the SIEM or SOAR for prioritization and priority elevation
Requirements:
Relevant experience of 1-2 years.
Basic understanding of cybersecurity principles and general knowledge of cybersecurity technologies, as well as industry-recognized certifications
Understanding of possible attack activities such as network probing/scanning, DDoS, malicious code activity, etc.
General knowledge of the capabilities and/or configuration of cybersecurity controls, specifically those relating to firewalls, access control, authentication, anti-virus/anti-malware, patching, and logging
Understanding of fundamental networking protocols such as TCP/IP, DNS, HTTP, DHCP, etc.
Demonstrate capability to make sound decisions based on good security practices and principles
Demonstrate an understanding of business principles and operational security practices specific to engineering and/or security consulting
Able to take ownership of tasks and see them through to completion.
Willingness to learn, absorb and correlate technical information and then be able to interpret and simplify it.
Endpoint Protection (EDR/CrowdStrike)
Health/status check of the server & reporting on endpoints
Block connections to malicious URLs, vulnerability scanning & patching, identify blacklisted/unsupported software usage on endpoints
Monitoring network traffic for suspicious behavior.
Creating network policies and authorization roles and defending against unauthorized access, modifications, and destruction.