Role & Responsibilities
24x7 CyberSOC support to customers
Plan, implement, configure, and migrate market-leading cyber security solutions (Sentinel, Microsoft Defender, CrowdStrike, QRadar, Arbor, Qualys, etc.)
Creation and implementation of new SIEM use cases (correlation rules), fine-tuning, configuration optimization, and the Qualys solution
Working on malware analysis, mail analysis, Qualys scanning, etc.
Classification and investigation of alarms from different threat detection platforms and provision of the processed results to our customers
Assessment of the effects of an attack, taking initial measures and making concrete recommendations for action; improvement of response plans and incident playbooks
Anomaly and attack pattern detection at all stages of the cyber kill chain
Tool-based and manual threat hunting to detect attacks once zero-day exploits or vulnerabilities with a potentially severe impact on customer environments become known
Creation of security reports based on the security incidents within the reporting period
Creation of reports and dashboards
Ensure adherence to and implementation of best incident response procedures as well as internal and industry standards
Participation in on-call duty to ensure incident response even outside of business hours
Education, Qualifications, and Certifications
Skill Set
4+ years of related work experience in customer-facing organizations within CyberSOC services
Regular