Deloitte – RA- Cyber- D&R- L3 Analyst SOC Engg

August 14, 2023
Deloitte – RA- Cyber- D&R- L3 Analyst SOC Engg

Job Description

Designation: Deputy Manager
Job Description:

Incident detection by monitoring the SIEM console (IBM Qradar), Rules, Reports and Dashboards.
Provide technical Incident Response guidance to the L1 and L2 incident response Analysts
Recommend and document specific countermeasures and mitigating controls with post incident analysis findings
Conduct Digital Forensic and Incident Response (DFIR) analysis, network log and network PCAP analysis, malware triage, and other investigation related activities in support of Incident Response investigations
Carry out Engineering activities for the respective technologies
Execute changes requested or changes arising out of critical operational issues
Contribute to daily/weekly/monthly reports
Maintain and update SOP’s
Maintain and update Playbooks
Maintain and update Build documents as required
Provide on call support in case of critical issues and provide resolution
Log a call with OEMs, be available on calls, liaise and resolve any issues
Build use cases as required

Skills required

Professional with minimum 4-5 years of experience in SOC performing various roles (inclusive of L1 & 12)
Solid understanding of MITRE ATT&CK, NIST cyber incident response framework and Cyber kill chain.
CCNA, CEH, CompTIA Security+ Plus, CISM or OSCP will add preference
Understanding of Threat Hunting and threat Intelligence concepts and technologies
Experience of leveraging technical security solutions such as SIEM, IDS/IPS, EDR, vulnerability management or assessment, malware analysis, or forensics tools for incident triage and analysis.
Deep understanding of most common OS (Windows, MacOS, Linux, Android, iOS) and their file systems etc.
Experience of enterprise level cloud infrastructure such as AWS, MS Azure, G Suite, O365 etc.
Experience of malware analysis and understanding attack techniques.