SOC Analyst

Bengaluru, India

Full Time Entry-level / Junior USD 45K - 68K *
Arista Networks logo

Arista Networks

Arista Networks was founded to pioneer and deliver software-driven cloud networking solutions for large data center storage and computing environments. Arista’s award-winning platforms, ranging in Ethernet speeds from 10 to 100 gigabits per...

View all employer listings

Apply now Apply later

Job Description

Reporting to the IT Security Manager, the IT SOC Analyst is a position based in Cary, NC / Vancouver, Canada / Bangalore, IN / Shannon, IE.

 

Responsibilities:

  • Characterize and analyze network traffic, logs and endpoint activity to identify anomalies, malicious or potential threats to Arista's assets; Perform event correlation using information gathered from a variety of sources (network and endpoint logs) to gain situational awareness to detect, confirm, contain, improve, and recover from attacks.

  • Respond to attacks found , interacting with users to remediate systems or repair damage caused

  • Perform detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities.

  • Analyze identified malicious activity to determine weaknesses exploited, exploitation methods, effects on system and information; Determine tactics, techniques, and procedures (TTPs) for intrusions.

  • Isolate assets and remove malware; Reconstruct a malicious attack or activity based on malicious samples seen on endpoints, phishing emails or in network traffic; Perform root cause analysis. 

  • Develop content for cyber defense tools; Help with the construction of signatures or indicators of compromise (IOCs) which can be implemented on cyber defense network tools in response to new or observed threats within the network environment or enclave.

  • Notify SOC managers and Security Analysts of suspected cyber incidents and share the event's history, status, and potential impact for further action following the cyber incident response plan and procedures.

  • Exercise user-oriented approach while handling security incidents to ensure that user impact is minimized as much as possible and the situation is well articulated to users

  • Document ongoing incidents, after action reports and escalate incidents (including event's history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment.

  • Work closely with the various IT teams to maintain the workstation compliance, as per the Security norms/standards

  • Acknowledge, analyse and validate incidents received through other reporting mechanisms such as SIEM/ Monitoring platforms, email, phone calls, management directions, etc.

  • Administer security-dedicated systems (Software, Firewall management, EDR, NDR, log collection, reporting , analytics, Cloud Security consoles) as appropriate.

  • Work with internal teams to resolve computer security incidents and vulnerability compliance.

  • Monitor external data sources (e.g., cyber defense vendor sites, Computer Emergency Response Teams, Security Focus) to maintain currency of cyber defense threat condition and determine which security issues may have an impact on the enterprise.

  • Support Incident Response efforts - evidence collection, documentation, communications, and reporting.

  • Handling support of PC and Mac based users with security related problems 

Qualifications

  • BA or BSc. in Computer Science, Management Information Systems, Information Assurance or related field (Advanced degree desirable) with minimum of 2+ years of work experience in the field of Computer Security 

  • Log correlation among network defense tools and endpoint security technologies

  • Expert knowledge is desired of laptop operating systems (MacOS, Windows and Linux)

  • Lead efforts during one or more phases of Incident Response lifecycle

  • Proven project management experience a bonus - specifically experience in managing remote office configuration and bringup and working with remote/off-site vendors

  • Experience with, and like to remain aware of, recent cyber threats.

  • Preferred certifications: GCIH, GCFA, CEH, Network+, Security+ or equivalent industry standard certifications

  • Knowledge of information security standards (e.g., ISO 17799/27002, etc.), rules and regulations related to information security and data confidentiality (e.g., FERPA, HIPAA, etc.) and desktop, server, application, database, network security principles for risk identification and analysis. 

  • Knowledge of frameworks such as MITRE att&ck would be desirable. 

  • This position requires some weekend and evening assignments as well as availability during off-hours for participation in scheduled and unscheduled activities.

  • Salary is competitive and commensurate with experience and qualifications.

Additional Information

All your information will be kept confidential according to EEO guidelines.

* Salary range is an estimate based on our salary survey 💰

Tags: Analytics CEH Cloud Compliance Computer Science Cyber defense EDR Endpoint security Firewalls GCFA GCIH HIPAA Incident response Linux MacOS Malware MITRE ATT&CK Monitoring Network security SIEM TTPs Windows

Perks/benefits: Competitive pay Gear

Region: Asia/Pacific
Country: India
Job stats:  15  3  0
  • Share this job via
  • or

Explore more Cybersecurity career opportunities

Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cyber Security in general, filtered by job title or popular skill, toolset and products used.