Senior SOC Analyst (Microsoft Azure Sentinel) at Resillion

Bengaluru, karnataka, India -

Full Time

Start Date

Immediate

Expiry Date

21 Jan, 26

Salary

0.0

Posted On

23 Oct, 25

Experience

2 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Microsoft Azure Sentinel, Security Operations Centre, SIEM Technologies, Microsoft Defender, CrowdStrike Falcon, Windows, Linux, Cloud Technologies, Microsoft Azure, Office365, Networking Principles, Incident Management, Vulnerability Assessments, Penetration Testing, Security Playbooks, Analytical Rules

Industry

IT Services and IT Consulting

Description

Company Description Resillion is a global company with end-to-end capabilities: no matter your industry, your geographical location, or stage in your digital journey. With offices in North America, Europe, and Asia, Resillion will be by your side. Helping you and your organization realize your ambitions in cyber security, testing of digital media content and quality assurance. Whether, testing, certification, (software) development, cyber security, or data-protection, the experts at Resillion do whatever it takes. We work as long and hard as necessary to get you to market. Job Description Senior SOC Analyst (Microsoft Azure Sentinel) Experience Range: 2-4 Years Location: Bangalore Key responsibilities Operate within a fast-paced 24x7 SOC environment, either as part of a team or independently, to Analyse alerts and log data promptly and effectively. Assess the severity and impact of potential threats to accurately prioritize alerts and incidents. Monitor and analyze security information and event management (SIEM) tools and other security monitoring systems to identify potential security incidents and anomalies. Conduct in-depth analysis of security events, collaborating directly with customers to escalate and thoroughly investigate incidents. This involves understanding the scope, impact, and root cause of incidents to tailor the response effectively. Execute swift containment and remediation measures for identified security incidents, employing predefined response strategies to isolate affected systems and prevent further compromise. Proactively participate in the creation and enhancement of processes and procedures such as Security Playbooks. Refine and optimise analytical rules within the SIEM platform to reduce false positive alerts, enhancing the accuracy and efficiency of threat detection. Assist in vulnerability assessments and penetration testing activities. Evaluate and prioritise identified vulnerabilities for remediation by collaborating directly with customers. Maintain accurate records of incidents, investigations, and security-related activities within the incident management platform. Create detailed reports on security incidents, response actions taken, and recommendations for improvement. Research new concepts and present them to the internal team as well as customers. Required skills: Excellent English written and verbal communication skills. Prior experience working within a 24x7 Security Operations Centre (SOC). Security monitoring experience with one or more SIEM technologies, preferably Microsoft Sentinel. Knowledge of EDR solutions including Microsoft Defender and CrowdStrike Falcon. Strong understanding of Windows, Linux and cloud technologies including Microsoft Azure and Office365. Good understanding of security solutions including SIEMs, Web Proxies, Anti-Virus, Firewalls, VPN, authentication providers and mechanisms, encryption, IPS/IDS. Strong understanding of networking principles including TCP/IP, WANs, LANs, and commonly used Internet protocols. Qualifications Degree in Computer Science, Information Security, or a related field – Must have. SC-200 Microsoft Security Operations Analyst – Must have. AZ-500 Microsoft Azure Security Technologies – Desirable. CompTIA Security+ SY0-601 – Desirable. Certified Ethical Hacker (CEH) – Desirable. GIAC Security Essentials (GSEC) – Desirable. GIAC Certified Incident Handler (GCIH) – Desirable.

Responsibilities

The Senior SOC Analyst will operate in a 24x7 SOC environment to analyze alerts and log data, assess potential threats, and monitor security incidents. They will also conduct in-depth analysis, execute containment measures, and enhance security processes.