Cloud Engineer III- SOC Analyst
Gurugram Gurgaon HR, IN
Applications have closed
Insight Enterprises, Inc.
Insight is a leading solutions and systems integrator — providing computer hardware, software, cloud solutions and IT services to business, government, education and healthcare clients.
Requisition Number: 96103
Job Title: Cloud Engineer III – SOC Analyst
About Insight:
Founded in 1998, Insight is headquartered in Chandler, Arizona, USA and has more than 13000 teammates worldwide, with a global presence in Canada, the United Kingdom, Germany, Australia, India, Singapore and many more countries. With offices in prime locations in Gurgaon and Bangalore, we have 1000+ teammates operating from India.
As a Fortune 500-ranked global provider of Digital Innovation, Cloud Data Center Transformation and Supply Chain Optimization solutions and services, we help clients successfully manage their IT today while transforming for tomorrow, and we are recognized for our excellence.
About the team
We provide L1/L2/L3 security and engineering support for Identity, Network, Application Security and Email Security, based on Microsoft, Zscaler, Cisco and other ISV tools, following a cloud security model that offers organizations a range of security solutions and services. This service model is designed to help organizations protect their networks, systems and data from a variety of security threats, such as cyberattacks, data breaches and unauthorized access.
Scope and skills:
- The scope of the Security Engineering Support and SOC/CFC defined here is based on the monitoring, management, and optimization of Security Services within client’s environment.
- All Security Engineering Support Services and SOC/CFC defined here are delivered in English for verbal and written communication.
- All Security Engineering Support Services and SOC/CFC defined here are delivered on a 24x7x365 basis.
- The Security Engineering Support Services and SOC/CFC defined here are delivered remotely using Insight’s Global Delivery Network, which includes personnel in India, North America, Europe, Asia Pacific regions.
- Minimum 4-5 years’ experience.
- Skills:
  - Cyber threat analysis: EDR (Carbon Black)
  - SIEM tools: Splunk and ELK
  - Familiarity with cloud environments
  - Security tools: antivirus (McAfee ePO)
  - Host-based forensics: Windows (Eric Zimmerman tools, KAPE for artifact collection)
  - Malware analysis: behavior-based malware analysis
  - Ticketing and reporting tools: Archer and ServiceNow
  - Scripting: Python for simple scripts
  - Log analysis
  - Basics of network penetration testing
  - Keywords: Wireshark, Security, Analyst, Endpoint Security, Cyber Security, Network Security, Threat Analysis, IBM QRadar, Azure Sentinel, Palo Alto
Responsibilities:
- Monitor and analyze data flow to identify, block and remediate malicious behavior or files for the infected host using EDR tools.
- Conduct forensic analysis, scoped to the criticality of the incident, to understand the root cause.
- Research and recommend solutions for incident response and coordinate with internal teams (IT, Engineering, Audit/Compliance, HR/Legal, threat intelligence) to eradicate the threat.
- Proactively hunt for suspicious activities and processes on the Windows platform using an EDR tool that supports analysis and hunting for suspicious or malicious activity.
- Perform advanced prevention tasks such as custom whitelisting, custom blacklisting, malware blocking, exploit blocking and IOA-based (Indicators of Attack) prevention.
- Provide suggestions for fine-tuning existing SIEM rules and SOAR processes to improve detection accuracy and reduce false-positive alerts.
- Conduct analysis for cyber investigations into ransomware, network intrusion incident response and Business Email Compromise.
- Actively participate in large-scope high-impact cyber breaches and assist in the management of investigative workflows and activities to support response and remediation.
- Utilize industry-standard, open-source technology, and self-developed tools to execute large-scale investigations.
- Draft communications, assessments, and reports that may be both internal and customer-facing, to include leadership and executive management.
- Focus on real-time monitoring and analysis of logs from various security appliances.
- Hands-on experience with SIEM tools, including Microsoft 365, QRadar and Azure Sentinel, as well as forensics, for log monitoring and analysis.
- Knowledge of networking concepts, including OSI layers, subnets, TCP/IP, ports, DNS, DHCP, firewall monitoring and content filtering.
- Experience in handling and mitigating attacks involving malware, viruses, spoofing and phishing, and in email monitoring.
- Carry out log monitoring and incident analysis for various devices such as endpoints, firewalls, IDS, IPS, databases and web servers.
Qualification:
- Education: B.E/B.Tech/Graduate/
Insight is an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, sexual orientation or any other characteristic protected by law.
Insight India Location: Level 16, Tower B, Building No 14, DLF Cyber City IT/ITES SEZ, Sector 24 & 25 A, Gurugram (Gurgaon), HR 122002, India
Tags: Antivirus Azure Carbon Black Cloud Compliance DNS EDR ELK Endpoint security Exploit Firewalls Forensics IDS Incident response IPS Log analysis Malware Monitoring Network security Pentesting Python QRadar Scripting SIEM SOAR SOC Splunk TCP/IP Threat intelligence Windows
Perks/benefits: Team events