SOC Analyst (1-5 Yrs)

Company Description:

Agilysys is a Hospitality software solutions and services provider located in Chennai. 
Their goal is to help organizations achieve High Return Hospitality™ by maximizing 
Return on Experience (ROE) through profitable interactions. They offer a range of 
solutions, including Property Management Systems (PMS), Point-of-Sale (POS) solutions, 
and Inventory and Procurement (I&P) systems. Agilysys serves a diverse customer base 
in the hospitality industry, including hotels, resorts, casinos, cruise lines, and more. They 
have a global presence, operating in North America, Europe, Asia-Pacific, and India.

Role Description & Responsibilities:
This is a full-time on-site role as a SOC Analyst at Agilysys in Chennai. 

1. Acknowledge, analyse and validate incidents triggered from correlated events 
through SIEM solution
2. Acknowledge, analyse and validate incidents received through other reporting 
mechanisms such as email, phone calls, management directions, etc.
Collection of necessary logs that could help in the incident containment and security 
investigation
3. Escalate validated and confirmed incidents to SOC Analyst
4. Undertake first stages of false positive and false negative analysis
5. Understand the structure and the meaning of logs from different log sources such as 
FW, IDS, Windows DC, Cisco appliances, AV and antimalware software, email security 
etc.
6. Understand the subject of EDR alarms
7. Open incidents in Service Desk to report the alarms triggered or threats detected.
8. Analyst should properly include for each incident on ServiceDesk all details related to 
the logs, alarms and other indicators identified in accordance with the intervention 
protocol of each client and the SLA.
9. Report false positive alarms from EDR and SIEM to L2 SOC analysts
Generate weekly reports from SIEM platform and send it to L2 SOC analysts for
review
10. Other duties related to the position

Experience, Knowledge & Essential Skills:

1. Knowledge and hands-on experience in management of IDS/IPS, Firewall, VPN, and 
other security products
2. Experience in Security Information Event Management (SIEM) tools, monitoring of 
correlation rules, dashboards and alerts
3. Should have expertise on TCP/IP network traffic and event log analysis
4. Should have expertise on TCP/IP network traffic and event log analysis
5. Knowledge and hands-on experience in SIEM tool
6. Knowledge of ITIL disciplines such as Incident, Problem and Change Management.