Job Description :
SOC Analyst /Engineer and Incident response - Splunk and AWS Must and Needed-
San Jose, CA & RTP, NC- Hybrid
12 Months- Include someone to work in 24/7 Environment and to support over weekend
For SR SOC look for DDoS, Client, multi cloud defense, anti-virus applications, content filtering, firewalls (FP 4K series ) , authentication systems and intrusion detection threat detection and its related notification systems
It must be there in Resume on Real time and also in submittal in skill summary
SR SOC and IR
You'll respond to security incidents and analyze and correlate log data with the assistance of teammates as a critical lead role within the Security Incident Response Team (SIRT). You'll report findings to leadership and other internal Client teams while collaborating with engineers to enhance, improve, and modify enterprise and cloud (IaaS, SaaS) configurations based on investigations. Additionally, you'll provide recommendations and apply lessons learned from incidents for tools, process, capabilities and other new technologies to support business objectives.
Responsibilities
* Analyzing network traffic to identify malicious activity or compromised systems, prevent successful attacks
* Ability to collaborate within the team as well as security engineering and detection engineering teams to improve and build new tailored security detections
* Properly analyze alerts and being able to decipher between and investigation and an incident
* Keep up-to-date on modern attack techniques to continually integrate knowledge into new detections
* Contribute to playbooks, and use cases to protect our cloud
* Building relationships with the other technical teams across our engineering and infrastructure functions
* Perform root cause analysis on incidents
* Maintains situational awareness for cyber threats across the global firm and take action where necessary.
* Work through incident response engagements through containing security incidents, and remediation
* Works mostly independently, translating guidance and direction from management into the best approach to accomplish work.
* Solves moderately complex problems
* Investigate data breaches and malicious activity leveraging forensics tools; analyze Windows, and Linux, in cloud environments to identify Indicators of Compromise (IOCs); examine firewall, web, database, and other log sources to identify evidence of malicious activity.
* Track emerging security practices and contribute to building internal processes, and our various products.
* Be able to respond to incidents with minimal guidance
* Have a detailed understanding of splunk and AWS
* Good to advanced understanding of Splunk, alert creations and creating signatures
* Experience using Splunk, developing, maintaining, and tuning alerts
* Experience with cloud environments or technologies
* Proven knowledge and understanding of security incident types, indicators of compromise (IOCs), Indicators of Attack (IOA), and tools, tactics, and procedures (TTPs)
* Experience responding to incidents and alerts