Skills: Splunk / QRadar
- Configuration, implementation/administration, and monitoring of the console and dashboards; provide response to reported incidents
- Monitor SIEM tool health and perform rule fine-tuning
- Perform initial analysis for known issues and provide the appropriate recommendations for closure.
- Monitor and report on system component health and take necessary action in case of any observed issue.
- Provide notification and communication to Incident Management and the respective application team upon threat detection.
- Coordinate incident closure and follow up with the resolution team and other SOC solution teams.
- Monitor and coordinate SOC standard activities such as backup, patching, basic installation of agents (if applicable), etc.
- Prepare a daily report on the number of incidents detected, closed, and in progress, and on open security issues.
- Maintain post-incident documentation of all actions taken, the root cause, and the controls implemented.
- The above is an illustrative list of general activities. Technology-specific activities shall be arrived at in consultation with the Project Manager (L1 & L2 resource).
UG: BCA in Any Specialization, B.Sc in Computers, B.Tech/B.E. in Any Specialization
PG: MS/M.Sc (Science) in Computers, M.Tech in Any Specialization, MCA in Any Specialization
Leading Cyber Security Services