Roles and Responsibilities:
Log validation: once a device is onboarded, verify its logs and confirm whether the required logs are being received
Ensure all required use cases are configured for the logs being received
Excellent knowledge of and experience in configuring new use cases
Monthly dashboard preparation and review with client
Good skills in Excel and PowerPoint
Perform threat hunting and raise critical/high-severity incidents
Understand and resolve client queries
Prepare templates for daily, weekly and monthly reports/dashboards
Ensure incidents are closed on time and the SLA agreed with the customer is met
Provide required support during high-severity incidents or crises at the customer site
Ensure required alerts are triggered correctly on the console
Good knowledge of UEBA
Knowledge of NBAD is preferred
Experience and knowledge of red/blue team activities is preferred
Reduce noise on the SIEM console / reduce false positives
Provide training to SOC L1 team members.
Excellent knowledge of cyber security and related products such as IDS/IPS, proxies, domain controllers, firewalls, HIPS, etc.
Good knowledge of cloud devices and architecture
Experience in monitoring different cloud technologies such as AWS, Azure, GCP, etc.