Overview
Security Analyst Jobs in Bengaluru, Karnataka, India at ProArch
Title: Security Analyst
Company: ProArch
Location: Bengaluru, Karnataka, India
ProArch is a global IT consulting firm providing Security, Data, Application Dev, and Cloud services. Offices are located in the US, UK and India.
Are you passionate about cybersecurity and eager to make a difference? Join our Security Operations Center (SOC) as a Security Analyst I (SOC). In this role, you’ll be at the forefront of monitoring, detecting, and responding to security incidents. With 2-3 years of experience in cybersecurity, you’ll bring your strong understanding of security principles and excellent analytical skills to our fast-paced environment. You’ll work closely with our team to ensure effective incident response and resolution, contributing to the continuous improvement of our SOC processes and procedures. If you’re ready to take your career to the next level and be part of a dynamic and challenging environment, we encourage you to apply!
Communication skills are essential, as you will be the technical escalation point for the SOC Team. You’ll need to act proactively to ensure smooth security operations and effective collaboration during your shift. A key outcome of this position is to continuously improve the efficiency and quality of the Security Operations Center. Adhering to the processes and procedures documented is an important aspect to successful SOC operations.
RequirementsJOB RESPONSIBILITIES
SOC Dashboard Monitoring
First Response to Alerts generated from Security Solutions ingested in the SIEM/SOAR Tool
Verifying the Facts and Enriched Data in Incidents using SOAR Platform
Preliminary triage based on the facts from the SOAR
Sending email notifications for Medium & lower priority alerts to the client for confirmation on potentially false or benign alerts
Helping seniors in triage, evidence collection, incident documentation, etc
Reporting to the Shift Lead about the alerts handled during the shift and updating the SHO Sheet
Escalation of Incidents based on the preliminary triage using the escalation workflow in case of possible true positives
Identifying daily repeat false positive alerts, and interesting patterns based on monitoring of alerts
Reporting any tool outages or monitoring downtime during one’s own shift to the Shift Lead or Leads asap
Performing Monthly Maintenance Tasks for Health Checks for the Security Monitoring and Response Tools
Develop, test, and fine-tune detection rules and use cases based on log sources, threat intelligence, attack patterns, and client requirements
Identify emerging threats and incorporate them into use-cases for alerts and detections
Optimize and refine alert thresholds and logic to minimize false positives and enhance detection accuracy
Leverage expertise in Microsoft 365 Defender/Defender XDR, Microsoft Defender for Endpoint, Defender for Office 365 and Entra ID Protection to improve overall threat detection and response
Analyze security logs and telemetry data for signs of compromise, anomalous activities, or malicious behavior
Prioritize the work effectively and handle shifting priorities professionally
Work closely with cross-functional teams (IT, Cloud Operations, Application Development) to mitigate security risks and improve SOC capabilities
Create detailed reports and post-analysis reports to communicate findings and recommendations to technical and non-technical stakeholders
Contribute to continuous improvement of SOC processes, including SOPs, playbooks, runbooks, and escalation procedures
Stay up…
