SOC Engineer L3
Rol remoto de SOC Engineer con fit claro de ubicación del candidato.
SOC Engineer L3
Requisitos y responsabilidades
Contenido del rol extraído en secciones para revisar más rápido.
SOC Engineer L3 Job Responsibilities: - Annual compensation of 12 lakhs - Remote working Candidate with about 5 to 6 years of experience and is a Level 2 engineer and can be considered for entry L3 now. A Level 3 SOC Engineer is usually considered a slightly senior position, focusing on the most complex security challenges, strategy development, and leadership within the SOC team. Here are the combined responsibilities: SIEM and Network Security Administration: Implement and administer the Security Information and Event Management (SIEM) system, network security hardware, and software. Identify system vulnerabilities and develop strategies to mitigate them. Vulnerability Mitigation and Documentation: Develop solutions to address identified vulnerabilities. Create and maintain standard operating procedures and protocols to ensure consistent and secure operations. Device Onboarding and Log Management: Handle device onboarding and manage logs effectively by developing and maintaining log parsers to ensure comprehensive monitoring. SIEM Maintenance and Troubleshooting: Provide installation, maintenance, upgrades, and troubleshooting for the SIEM solution and its components across all functional departments. Flexibility in Duties: Take on varied responsibilities, including covering for absences or balancing workload, which may involve working in different areas of the SOC. Cloud and Network Security Monitoring: Detect and respond to malicious activities on cloud systems, SaaS, workstations, servers, and networks, ensuring comprehensive security coverage. Threat Detection Optimization: Optimize threat detection tools for DLP, SIEM, EDR, antivirus, cloud security, and intrusion detection systems, among other technologies, to enhance security posture. Event Analysis and Escalation Response: Review and respond to escalated security events, ensuring timely and effective incident resolution. Proactive Threat Hunting: Engage in proactive threat hunting to identify and mitigate potential threats before they impact the environment. Signature Development and System Tuning: Write detection signatures, tune systems and tools, develop automation scripts, and create correlation rules to improve detection and response capabilities. Adversary TTP Knowledge: Maintain up-to-date knowledge of adversary tactics, techniques, and procedures to anticipate and counteract potential threats. Forensic Analysis: Conduct in-depth forensic analysis on affected systems and coordinate with third-party resources as needed for advanced investigations. Communication and Reporting: Provide timely and relevant updates to stakeholders and decision-makers, ensuring they are informed of current security postures and incident impacts. [email protected] Originally posted on Himalayas
Mantén una lista de respaldo.
Stack
Usa estas tags para comparar roles remotos similares.
Elegibilidad de ubicación
Candidatos deberían aplicar solo cuando el país del perfil aparece aquí.
Flujo de contratación
WithMira muestra el rol y luego envía candidatos a la aplicación de la empresa.