Overview
On Site
$65/hr on C2C
Accepts corp to corp applications
Contract - W2
Contract - Independent
Contract - Contract
Skills
SOAR
ArcSight
Sentinel
Job Details
SOC Consultant
Erlanger, KY (Onsite)
Skills
Mandatory Skills: SOAR, SOAR - IBM SOAR, SOAR - Palo Alto XSOAR, SOC - content developer, SOC L1/L2 - Monitoring
12+ years only
We're seeking a dynamic Lead Incident Responder with a minimum of 12 years' experience to join our team.
- As a cybersecurity Lead Incident Responder you will be an active part of a 24/7/365 cyber incident response team in a hands-on technical role focused on incident response and digital forensics, with various customer-facing opportunities. An Incident Responder's primary responsibilities include incident management, forensic analysis, threat hunting, and delivering both verbal and written communications to customers. Incident Responders will manage major incident response engagements with oversight from Senior Incident Responders. Additionally, a portion of their time will be dedicated to ongoing research in incident response and to enhancing service enablement by improving the internal processes, procedures, and methodologies used to deliver incident response services.
- Candidates must have a minimum of 12 years of experience in Security Operations and Incident Response, with proficiency in tools such as ArcSight and Sentinel.
- The role involves incident triage, threat management, coordination with stakeholders, and support for the Security Operations Centre (SOC) during incident response and threat hunting activities, including the following:
- Deliver world-class incident response services, managing customer engagements from initial incident scoping to final reporting and driving investigations through the entire IR lifecycle
- Coordinate and guide SOC Analysts during major investigations
- Support proactive threat hunting and conduct threat emulation activities as part of the LTIMindtree Detection & Response capability, helping clients assess their ability to respond to major threats using their existing tools
- Advise clients on security best practices and on strategies for mitigating attacks through enterprise security controls
- Capture and apply knowledge of the latest attacker methodologies to improve response efforts
- Ensure SLA compliance, process adherence, and process improvement to achieve operational objectives
- Revise and develop processes to strengthen the current Security Operations Framework; review policies and highlight the challenges in managing SLAs in alignment with the customer
- Prepare and practice IR plans perform tabletop exercises etc
- Responsible for team and vendor management, overall use of resources, and initiation of corrective action where required for the Security Operations Centre
- Perform threat management and threat modelling, identify threat vectors, and review use cases for security monitoring
- Responsible for the integration review of standard and non-standard log sources in the SIEM
- Submission of reports, dashboards, and metrics for SOC operations and presentation to senior management
- Coordination with stakeholders; build and maintain positive working relationships with them
- Provide support to the Security Operations Center (SOC) during incident response, event monitoring, and threat hunting activities. Responsibilities include cyber threat analysis support, research, and recommending appropriate remediation and mitigation
- Incident and Problem Management: monitoring, validation, analysis, triage, escalation, response, and resolution
- Knowledge on SIEM Log source integration
- Use case fine-tuning and new use case creation
- Cyber threat analysis support: research and recommend appropriate remediation and mitigation
- Trending and correlation of monitored events to build new Indicators of Compromise (IOCs), support attack attribution, and help establish countermeasures that increase cyber resiliency
- Identification of advanced cyber threat activities: Endpoint Detection & Response (EDR), intrusion detection, incident response, malware analysis, security content development (e.g. signatures, rules, etc.), and cyber threat
- Excellent verbal and written communication skills, with the ability to clearly convey investigation findings and remediation steps to both technical and non-technical audiences, including executives and legal teams
- Proficient in one or more of the following computer languages: PowerShell, Bash, Python, or Visual Basic
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.