SOC and DLP Analyst

Roles & Responsibilities for SOC Analyst

• Bachelor’s degree in engineering (BTech/B. E), MTech, MSc in IT related field.
• Desirable to have- Data Loss Prevention Administrator Certification
• Acknowledge, analyze, and validate incidents triggered from correlated events through SIEM solution.
• Acknowledge, analyze, and validate incidents received through other reporting mechanisms such as email, phone calls, management directions, etc.
• Collection of necessary logs that could help in the incident containment and security investigation.
• Escalate validated and confirmed incidents to SOC Analyst.
• Undertake first stages of false positive and false negative analysis.
• Track and update incidents and requests based on updates and analysis results
• Properly log client requests and change requests in SIEM tool.
• Report false positive alarms from EDR and SIEM to L2 (Grade 2) SOC analysts.
• Generate weekly reports from SIEM platform and send it to L2 (Grade 2) SOC analysts for review.
• Understanding of ISMS principles and guidelines; relevant frameworks (e.g., ISO27001)
• Roles & Responsibilities for DLP Analyst
• Hands-on experience with implementation of DLP technology across a large enterprise.
• Should have worked on various DLP OEMS’s Like Symantec, Forcepoint, MacAfee etc.
• Administration of the DLP tools to include configuration of policies, upgrading, patching etc.
• Monitor and respond to alerts generated from the DLP systems and other technologies.
• Understand and follow the incident response process through event escalations.
• Collaborate with business groups to help them identify, classify, and secure high value data.
• Sound knowledge of DLP versions, patches, and other initiatives for system updating/up gradation.
• Implementation of proactive measures to enhance accuracy and
  effectiveness of DLP tools.
• Excellent presentation and written communication skills with strong interpersonal skills.
• Good understanding of organizational network architectures including cloud.
• Experience in maintaining various metrices and SLAs. Required Professional Experience for SOC Analyst
• Professional experience as per the grade requirements mentioned under Article 4.1.2 Estimated Skill Levels of Consultant Personnel.
• Relevant experience in SOC operations.
• Knowledge and hands-on experience in management of IDS/IPS, Firewall, VPN, and other security products.
• Experience in Security Information Event Management (SIEM) tools, creation of basic co-relation rules, and administration of SIEM.
• Required Professional Experience for DLP Analyst
• Professional experience as per the grade requirements mentioned under Article 4.1.2 Estimated Skill Levels of Consultant Personnel.
• Relevant experience in managing end-to-end data loss prevention tool.
• Experience deploying in the cloud and on-premises.
• Excellent communication skills to interact for identified DLP incidents with multiple stakeholders.
  Skills/Tools Experience
• Tools such as Symantec DLP, Forcepoint DLP.
• Experience working with SIEM solutions (Splunk, LogRhythm, QRadar, etc.)

Tagged as: l3/l2 (grade 1&2)