Security Analyst(SOC)

Contenido de trabajo

Role Purpose :-

The Information Security Analyst is the first level of monitoring in the SOC. The position monitors and responds to security events from managed customer security systems as part of a team on a rotating 24 x 7 x 365 basis. Your background should include exposure or understanding of security technologies including firewalls, IPS/IDS, logging, monitoring and vulnerability management. You should have an understanding of network security practices. Excellent customer service while solving problems

In general, travel to the UK could be one visit every 2 years. This can be at short notice and this frequency is not guaranteed as all travel is based on a clear business or project requirement. A passport is essential.

Principal Responsibilities & Tasks :-

The security analyst monitors security events from the various SOC entry channels (SIEM, Tickets, Penetration Testing, Email and Phone), based on the security event severity, escalate to managed service support teams, tier 2 information security specialist, and/or customer as appropriate to perform further investigation and resolution.

• Recommend enhancements to SOC security process, procedures and policies.
• Participate in security incident management and vulnerability management processes
• Participate in evaluating, recommending, implementing, and troubleshooting security solutions and evaluating IT security of the new IT Infrastructure systems.
• Works as part of a team to ensure that corporate data and technology platform components are safeguarded from known threats
• Communicate effectively with L2 and L3 team members
• Provide input on tuning and optimization of security systems
• Assist in organising, interpreting and remediation of penetration testing
• Follow ITIL practices regarding incident, problem and change management
• Maintain build documents, security procedures and processes.
• Maintain and Perform vulnerability scan and perform proactive measure using vulnerability scan result.
• Staying up to date with emerging security threats including applicable regulatory security requirements.
• Other responsibilities and additional duties as assigned by the security management team
• Security Operation Centre positions require employees to obtain and maintain a KPMG security clearance. This clearance requires a background enquiry covering the last three years.

Essential Competencies :-

Preferred Information Technology professional designations such as Analyst or Sr. Analyst with understanding of Security Incident

• 1-3 years previous Operations Centre Experience in conducting investigations
• Detail oriented with strong organizational and analytical skills
• Strong written communication skills and presentation skills
• Self-starter, critical and strategic thinker, negotiator and consensus builder
• Good knowledge of IT including multiple operating systems and system administration skills (Windows, Solaris, Unix)
• Good knowledge of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise Anti-Virus products
• An understanding of security incident management, malware management and vulnerability management processes
• Strong understanding of networking principles including TCP/IP, WANs, LANs, and commonly used Internet protocols such as SMTP, HTTP, FTP, POP, LDAP
• A Bachelor’s Degree / Diploma in a relevant area of study with a preference for Information Security, Computer Science or Computer Engineering
• Shift work required
• After-hours availability required

Mandatory Skill:-

Understanding of Networking principles including TCP/IP, WANs, LANs = 1 - 2 Years

Understanding of protocols such as SMTP, HTTP, FTP, POP, LDAP = 1 - 2 Years

Understanding of security incident management = 1 - 2 Years

Desirable Skill:-

Knowledge of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise Anti-Virus products = 2 - 3 Years

Good knowledge of IT including multiple operating systems and system administration skills (Windows, Linux, Unix) = 2 - 3 Years

Operations Centre Experience in conducting investigations = 2 - 3 Years