Engineer II - SOC Support (L1) at Wipfli Advisory LLC
Bengaluru, Karnataka, India
Full Time


Start Date

Immediate

Expiry Date

02 Jun, 26

Salary

0.0

Posted On

04 Mar, 26

Experience

0 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

SIEM, Security Monitoring, Incident Response, Log Analysis, Threat Intelligence, Endpoint Detection and Response, Phishing Analysis, Vulnerability Assessment, SOPs, SLAs, Elastic SIEM, Microsoft Sentinel, Wazuh, Splunk, QRadar, SentinelOne

Industry

Business Consulting and Services

Description
Overview
Position: Engineer – L1
Type: FTE

Specific job responsibilities
• Monitor and analyze security alerts generated by SIEM platforms including Elastic SIEM, Microsoft Sentinel, and other SIEM tools (e.g., Wazuh, Splunk, QRadar).
• Perform continuous security monitoring of network traffic, endpoint activity, and system logs to identify suspicious or malicious behaviour.
• Investigate potential security incidents by performing detailed log analysis to detect anomalies and attack patterns.
• Classify security alerts accurately as True Positive or False Positive based on evidence and analysis.
• Respond to security incidents promptly by following defined incident response playbooks and SOPs.
• Escalate confirmed or high-severity incidents to senior SOC engineers with proper documentation, context, and impact analysis.
• Conduct phishing email analysis, including:
  o Header and sender analysis
  o URL and attachment inspection
  o Identification of credential-harvesting and malware delivery attempts
• Track and investigate malware alerts, performing basic static and behavioral analysis using EDR telemetry and sandbox results.
• Monitor and analyze endpoint activity using EDR tools such as SentinelOne and Microsoft Defender for Endpoint.
• Support vulnerability assessment activities by reviewing scan results, validating findings, and assisting with remediation tracking.
• Maintain accurate incident reports, investigation notes, and SOC documentation.
• Follow daily threat intelligence updates and apply relevant insights to ongoing investigations.
• Adhere to SOC SLAs, escalation procedures, and operational best practices.
• Support client Baseline Security Reviews by reviewing security tool configurations and documenting gaps against defined security baselines.
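The phishing email analysis duties listed above (header and sender analysis, URL and attachment inspection) and the True Positive / False Positive classification, shown as an added worked example in Python. This is not code from the posting or from Wipfli's tooling: it parses a constructed sample message, checks envelope/header sender alignment and the upstream Authentication-Results, inspects links for raw-IP hosts and display-text/href mismatch, flags executable or macro attachments, and returns the findings with a suggested classification. The two sample messages, all domains and addresses, the risky-extension list and the "two independent indicator categories" escalation threshold are assumptions made for illustration only.

```python
"""Triage a raw email for common phishing indicators (added example, not SOC tooling).
Checks: sender/envelope alignment, Authentication-Results, link inspection, attachments."""
import re
from email import message_from_string, policy
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed sample: spoofed From, failing SPF/DMARC, raw-IP link, double-extension attachment.
SAMPLE_EML = """\
Return-Path: <bounce@mail-alerts.example.net>
Authentication-Results: mx.example.com; spf=fail smtp.mailfrom=mail-alerts.example.net; dkim=none; dmarc=fail header.from=bank.example.com
From: "Bank Security" <alerts@bank.example.com>
Reply-To: support@secure-login.example.org
To: victim@example.com
Subject: Urgent: verify your account
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="B1"

--B1
Content-Type: text/html; charset="utf-8"

<p>Please <a href="http://203.0.113.7/login">https://bank.example.com/secure</a> now.</p>
--B1
Content-Type: application/octet-stream; name="statement.pdf.exe"
Content-Disposition: attachment; filename="statement.pdf.exe"
Content-Transfer-Encoding: base64

TVqQAAMAAAAEAAAA
--B1--
"""

# Constructed benign sample: aligned domains, passing authentication, plain link, no attachment.
BENIGN_EML = """\
Return-Path: <newsletter@bank.example.com>
Authentication-Results: mx.example.com; spf=pass smtp.mailfrom=bank.example.com; dkim=pass header.d=bank.example.com; dmarc=pass header.from=bank.example.com
From: "Bank Newsletter" <newsletter@bank.example.com>
To: victim@example.com
Subject: Monthly statement available
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<p>See <a href="https://bank.example.com/statements">your statements</a>.</p>
"""

RISKY_EXTS = (".exe", ".scr", ".js", ".vbs", ".hta", ".iso", ".lnk", ".docm", ".xlsm")  # assumed list
IP_HOST = re.compile(r"^\d{1,3}(?:\.\d{1,3}){3}$")
ANCHOR = re.compile(r'<a\s[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)
AUTH = re.compile(r"\b(spf|dkim|dmarc)=(\w+)", re.I)
AUTH_BAD = ("fail", "softfail", "permerror", "temperror")

def domain_of(header_value):
    """Lowercased domain of the address in a From/Reply-To/Return-Path style header."""
    return parseaddr(str(header_value or ""))[1].rpartition("@")[2].lower()

def check_headers(msg):
    """Sender analysis: envelope vs header From, Reply-To divergence, SPF/DKIM/DMARC results."""
    findings = []
    from_dom = domain_of(msg["From"])
    rp_dom = domain_of(msg["Return-Path"])
    if rp_dom and rp_dom != from_dom:
        findings.append(f"envelope sender domain {rp_dom} != header From domain {from_dom}")
    reply_dom = domain_of(msg["Reply-To"])
    if reply_dom and reply_dom != from_dom:
        findings.append(f"Reply-To domain {reply_dom} != From domain {from_dom}")
    for mech, result in AUTH.findall(str(msg.get("Authentication-Results", ""))):
        if result.lower() in AUTH_BAD:
            findings.append(f"{mech.lower()}={result.lower()}")
    return findings

def check_urls(msg):
    """URL inspection: raw-IP link hosts and anchor text that shows a different host than href."""
    findings = []
    body = msg.get_body(preferencelist=("html", "plain"))
    html = body.get_content() if body else ""
    for href, text in ANCHOR.findall(html):
        host = urlparse(href).hostname or ""
        if IP_HOST.match(host):
            findings.append(f"link to raw IP host {host}")
        shown = urlparse(text.strip()).hostname if "://" in text else None
        if shown and shown != host:
            findings.append(f"link text shows {shown} but href goes to {host}")
    return findings

def check_attachments(msg):
    """Attachment inspection: executable/script/macro file types (double extensions included)."""
    return [f"executable/macro attachment {name}"
            for name in ((p.get_filename() or "").lower() for p in msg.iter_attachments())
            if name.endswith(RISKY_EXTS)]

def triage(raw):
    """Return (suggested classification, findings). Threshold is an assumption for the example:
    two independent indicator categories -> True Positive, one -> analyst review, none -> FP."""
    msg = message_from_string(raw, policy=policy.default)
    groups = [check_headers(msg), check_urls(msg), check_attachments(msg)]
    hit = sum(1 for g in groups if g)
    verdict = ("True Positive (escalate)" if hit >= 2 else
               "Suspicious (analyst review)" if hit == 1 else
               "False Positive (no indicators)")
    return verdict, [f for g in groups for f in g]

if __name__ == "__main__":
    for label, eml in (("sample", SAMPLE_EML), ("benign", BENIGN_EML)):
        verdict, findings = triage(eml)
        print(label, "->", verdict, *findings, sep="\n  ")
```

The header checks read the receiving MTA's own Authentication-Results line, so in practice an analyst would first confirm that the authserv-id (mx.example.com here) is the organization's gateway and not a value the sender could have injected; the link and attachment checks are deliberately conservative and only surface indicators for the analyst to weigh, they do not replace sandbox or detonation results.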
Specific skills
• Basic to intermediate understanding of networking, security, and system administration concepts.
• Knowledge of:
  o Network security fundamentals
  o Firewalls, IDS/IPS, and SIEM tools
  o Vulnerability assessment concepts and security best practices
• Familiarity with Windows and/or Linux environments.
• Hands-on exposure to:
  o SIEM monitoring and alert investigation
  o Incident response and alert triage
  o Endpoint detection and response (EDR) tools
• Understanding of common attack techniques including phishing, malware, brute force, and credential abuse.

Certifications
• CEH (Certified Ethical Hacker)
• Microsoft SC-200 – Security Operations Analyst
• Microsoft SC-900 or equivalent security fundamentals certification

Qualification and experience
• Bachelor's degree in Computer Science, Information Security, Information Technology, or a related field (or equivalent practical experience).
• 0–3 years of experience in:
  o SOC operations
  o Cybersecurity monitoring
• Hands-on experience with SIEM tools and security alert investigation is preferred.

No. of positions: 01
Work location: Wipfli India, Bengaluru
Responsibilities
The engineer will monitor and analyze security alerts from various SIEM platforms, performing continuous security monitoring of network traffic and logs to identify suspicious behavior. Responsibilities also include investigating incidents, classifying alerts, responding according to playbooks, and escalating high-severity issues with proper documentation.