Deloitte – RA- Cyber- D&R- L2 Analyst

August 14, 2023
Job Description

Designation: Assistant Manager
Entity:
Job Description:

Incident detection by monitoring the SIEM console (IBM QRadar), rules, reports and dashboards.
Assist L1 team in analysis, investigation and recommendations as required
Comfortable with working in rotational shifts 24×7.
Review of the alerts as a second screening to ensure no alerts are missed
Respond to queries on the reported incidents
Incident escalation handling
Deep-dive investigation of the incidents, understanding the trend and fine-tuning the rules as required
Daily tracking of the incident SLA
Review Daily Incident Summary Reports
Prepare & send Weekly Status Reports
Prepare & send Monthly Status Reports
Review changes/service requests and inform Operations Manager
Contribute to Playbooks creation.

Skills required

Professional with minimum 3-5 years of experience in SOC performing various roles (inclusive of L1 & L2)
Solid understanding of MITRE ATT&CK, NIST cyber incident response framework and Cyber kill chain.
CCNA, CEH, CompTIA Security+ will be given preference
Understanding of Threat Hunting and Threat Intelligence concepts and technologies
Experience of leveraging technical security solutions such as SIEM, IDS/IPS, EDR, vulnerability management or assessment, malware analysis, or forensics tools for incident triage and analysis.
Deep understanding of the most common OS (Windows, macOS, Linux, Android, iOS) and their file systems etc.
Experience of enterprise level cloud infrastructure such as AWS, MS Azure, G Suite, O365 etc.
Experience of malware analysis and understanding attack techniques.