SOC Engineer, L1
Bengaluru
Saviynt
Embrace Zero Trust, secure sensitive & privileged access, and stay in continuous compliance with the world’s #1 cloud identity governance platform.

Position Summary:
The SOC Analyst Level-1 works within the 24/7 Cyber Security Fusion Centre to monitor security alerts, respond to and remediate detected issues, and work with the Incident Management process to remove threats and vulnerabilities within the organization. The role collaborates with other infrastructure and operational teams to maintain a secure environment and to support incident response capabilities. This position will perform security event analysis, incident response, and other related activities as part of a global 24x7x365 organization.
WHAT YOU WILL BE DOING
Responsibilities:
- Strong understanding of cybersecurity principles, best practices, and industry standards, including knowledge of common attack vectors, vulnerabilities, and threat landscapes.
- Proficiency in detecting and analyzing security incidents, identifying indicators of compromise (IOCs), and effectively responding to and mitigating security threats.
- Familiarity with security tools such as SIEM (Security Information and Event Management) systems, IDS/IPS (Intrusion Detection/Prevention Systems), firewalls, antivirus software, and endpoint protection solutions, and the ability to utilize these tools effectively.
- The candidate should be skilled at analyzing security logs, network traffic, and system event data to identify patterns, anomalies, and potential security breaches and efficient in conducting incident investigations.
- Knowledge of threat intelligence sources, methodologies, and tools to gather and analyse information on emerging threats, vulnerabilities, and attack techniques. Understanding of network protocols, architecture, and administration, as well as knowledge of operating systems (Windows, Linux, etc.) and their security configurations.
- Strong analytical thinking and problem-solving abilities to analyze complex security issues, identify root causes, and propose appropriate solutions or mitigations.
- A mindset of continuous learning, staying updated with the latest security trends, technologies, and threats, and the ability to adapt to evolving security landscapes and emerging technologies.
WHAT YOU BRING
Qualifications:
- 2 years of working experience in Security Operation Centre
- Education: A bachelor’s degree in computer science, Information Technology, Cybersecurity, or a related field is often preferred.
Must-have skills:
- Willing to work in shifts - 24/7 schedule (9-hour shift model with five working days a week).
- Minimum three years of experience required in security incident response or a security operations centre (SOC), with strong analytical skills.
- Strong problem-solving skills to assess and address security challenges, identify threats, and collaborate on appropriate solutions to mitigate risks.
- Strong working knowledge of security-relevant data, including network protocols, ports, and common services, such as TCP/IP and application layer protocols (e.g., HTTP/S, DNS, FTP, SMTP, IAM, etc.).
- Should have a good understanding of alerts generated by SIEM, EDR, antivirus, email security gateway, DLP, CNAPP, WAF, VPN and various other log sources.
- The ability to analyse complex security data, identify patterns, and draw meaningful insights from various sources to detect and respond to security incidents effectively.
- Candidate should know security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management, etc.
- Knowledge of Windows and/or Unix-based systems/architectures and security best practices and concepts.
- Handling end-user-reported cybersecurity events and requests on content filtering, using Sophos XDR for blocking and unblocking URLs.
- Flexibility and the capacity to adapt quickly to evolving security landscapes, emerging threats, new technologies, and changing priorities.
- Ability to communicate technical details effectively in writing and verbally to IT personnel and management.
Good to have:
- Certifications such as CompTIA Security+ and Certified Ethical Hacker (CEH) are beneficial.
- Good understanding of AWS and Azure environments and vulnerability management.
- Proficiency in scripting or programming languages (e.g., Python, PowerShell) for automation and tool development.
Perks/benefits: Career development