Cloud Engineer II- SOC Analyst

Gurugram Gurgaon HR, IN

Insight Enterprises, Inc.

Insight is a leading solutions and systems integrator — providing computer hardware, software, cloud solutions and IT services to business, government, education and healthcare clients.

View company page

Requisition Number: 96103 

                                                                                                                                              

Job Title Cloud Engineer III – SOC Analyst

About Insight:

Founded in 1998, Insight is headquartered in Chandler, Arizona, USA and has more and has more than 13000+ Teammates worldwide with global presence in Canada, United Kingdom, Germany, Australia, India, Singapore and many more. With offices in the prime location -Gurgaon and Bangalore we have 1000+ teammates operating from India.

As a Fortune 500-ranked global provider of Digital Innovation, Cloud Data Center Transformation and Supply Chain Optimization solutions and services, we help clients successfully manage their IT today while transforming for tomorrow, recognized for its excellence.  

                                                                                            

About the team

 

We are providing Security L1/L2/L3/Engineering support for Identity, Network, App Security, Email Security based on Microsoft, Zscaler, Cisco and other ISV Tools following the cloud security model that provides organizations with a range of security solutions and services. This service model is designed to help organizations protect their networks, systems, and data from a variety of security threats, such as cyberattacks, data breaches, and unauthorized access.​

 

Responsibilities –

  • The scope of the Security Engineering Support and SOC/CFC defined here is based on the monitoring, management, and optimization of Security Services within client’s environment.
  • All Security Engineering Support Services and SOC/CFC defined here are delivered in English for verbal and written communication.
  • All Security Engineering Support Services and SOC/CFC defined here are delivered on a 24x7x365 basis.
  • The Security Engineering Support Services and SOC/CFC defined here are delivered remotely using Insight’s Global Delivery Network, which includes personnel in India, North America, Europe, Asia Pacific regions.

 

  • Minimum 4-5 years’ experience.

 

  • SKILLS: Cyber Threat Analysis – EDR (Carbon black). SIEM Tools - Splunk and ELK. Familiar with cloud environments. Security Tools – Anti Virus (McAfee ePO). Host based forensics: windows (eric Zimmerman tools, KAPE to collect artifacts) Malware Analysis: behavior-based malware analysis. Ticket and Reporting tools: Archer and Service Now. Scripting: Python for simple scripts. Log analysis. Basics of network penetration testing. Wireshark, Security, Analyst, Endpoint Security, Cyber Security, Network Security, Threat Analysis, IBM QRadar, Azure Sentinel, Palo Alto

 

Responsibilities:

 

  • Monitor and analyze data flow to identify, block and remediate malicious behavior or files for the infected host using EDR tools.
  • Conducting Forensic analysis based on the criticality of the incident for understanding the root cause.
  • Research and recommend solutions for incident response and co-ordinate with internal teams (IT, Engineering, Audit/Compliance, HR/Legal, threat intelligence team) to eradicate the threat.
  • Proactively hunting for suspicious activities and processes on Windows platform with EDR tool that allows to analyze and hunt for suspicious or malicious activities.
  • Performing advanced prevention capabilities like custom whitelisting, custom blacklisting, malware blocking, exploit blocking, and IOA-based prevention (Indicators of Attack).
  • provide suggestions on fine-tuning to optimize existing SIEM rules and SOAR processes, to improve detection accuracy and reduce false positive alerts.
  • Conducted analysis for cyber investigations on Ransomware, network intrusion incident response and Business E-Mail Compromise.
  • Actively participate in large-scope high-impact cyber breaches and assist in the management of investigative workflows and activities to support response and remediation.
  • Utilize industry-standard, open-source technology, and self-developed tools to execute large-scale investigations.
  • Draft communications, assessments, and reports that may be both internal and customer-facing, to include leadership and executive management.
  • Focusing on real-time monitoring and analyzing logs from various security appliances.
  • Hands-on experience with SIEM, Microsoft 365, QRadar, Forensics and Azure Sentinel SIEM tools for log monitoring and analysis.
  • Knowledge of networking concepts, including OSI layers, subnet, TCPIP, ports, DNS, DHCP, firewall monitoring, and content filtering.
  • Experience in handling and mitigating attacks related to malware, viruses, spoofing, phishing, and email monitoring.
  • Carrying out log monitoring and incident analysis for various devices such as End points, Firewalls, IDS, IPS, database, web servers.

 

 

Qualification:

 

  • Education: B.E/B.Tech/Graduate/

 

 

Insight is an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, sexual orientation or any other characteristic protected by law.

 

Today's talent leads tomorrow's success. Learn about careers at Insight: https://www.insight.com/en_US/careers/india.html

 

Insight is an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, sexual orientation or any other characteristic protected by law.

 

Insight India Location:Level 16, Tower B, Building No 14, Dlf Cyber City In It/Ites Sez, Sector 24 &25 A Gurugram Gurgaon Hr 122002 India

Apply now Apply later
  • Share this job via
  • or

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: Antivirus Azure Carbon Black Cloud Compliance DNS EDR ELK Endpoint security Exploit Firewalls Forensics IDS Incident response IPS Log analysis Malware Monitoring Network security Pentesting Python QRadar Scripting SIEM SOAR SOC Splunk TCP/IP Threat intelligence Windows

Perks/benefits: Team events

Region: Asia/Pacific
Country: India

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.