Job Description

:

Role Proficiency: Monitor cyber security alerts for our global customers in a 24x7x365 operations team under the close supervision of Team Lead / senior members of the team.

Outcomes: * Under the close supervision of senior team members ensure that cyber security alerts from the SIEM and multiple sources are dealt with as per SLA.

• Closely follow the documented playbook to ensure consistent and repeatable response to alerts.
• Ensure Documentation included in CDC / SIEM work log as predefined / agreed standards. Learn from review process for continuous improvement
• Communicate and escalate appropriately as per defined process. Seek advice from senior members of the team when in doubt.
• Adhere to defined SOC processes including housekeeping tasks. Adhere to the Information Security policies as defined by the company and customer.

Measures of Outcomes: * Adherence to SLA as agreed with the customer.

• Productivity (Number of alerts addressed)
• Quality - Percent of tickets that met quality norms
• Adherence to process - Nil NC during audits
• Evidence of skill development including training certification etc.

Outputs Expected: Cyber Security Monitoring : * Work in accordance with the Playbook / under close supervision of the senior members of the team. monitoring alerts in the CDC Platform / SIEM Tool

etc. Ensure appropriate response in line with the SLA.
Cyber Security Incident Management: * In accordance with the Playbook and under close supervision of the senior members of the team

process alerts through analysis
triage and resolution.

• Communication and escalation as per defined process. In accordance with the Playbook and under close supervision of the senior members of the team. complete documentation including annotation in CDC / SIEM work log to ensure audit trail as per defined standards and quality requirements.

• In accordance with the defined process

while under close supervision of the senior members of the team
ensure that the defined reports are created and published to stakeholders
Continuous Learning
innovation and optimization : * Ensure completion of learning program suggested by Managers

• Suggest ideas that will help innovation and optimization of processes

Skill Examples: * User level skills in use of CDC SIEM and other relevant tools

• Excellent logical problem-solving ability and analytical skills for incident triage and analysis
• Good oral and written communication skills.
• Continually learn new technology and stay updated on cyber threats.
• Ability to work in rotating shifts and also be on-call outside of shift hours on a regular and recurring basis.
• Possess unimpeachable personal and professional integrity. Individuals will be required to submit to a background check.

Knowledge Examples: * Lateral hire with 6 months to 1 year; SOC Experience or Fresher / Jr. with Cyberproof Foundations Training; interns cleared by Manager for next role

• University Degree in Cyber Security (no back papers) / Bachelor\'s in Science or Engineering with training and demonstrable knowledge in the basics of Cyber Security
• Understanding of cybersecurity Incident Management process
• Understanding of enterprise IT Infrastructure including Networks OS Databases Web Applications etc.
• Awareness of ISMS principles and guidelines; relevant frameworks (e.g. ISO27001)
• Desirable - Training / Certification in Ethical Hacking etc.

Additional Comments:

CyberProof is a cyber security services and platform company whose mission is to help our customers react faster and smarter - and stay ahead of security threats, by creating secure digital ecosystems. CyberProof automates processes to detect and prioritize threats early and respond rapidly and decisively. CyberProof is part of the UST Global family. Some of the world\'s largest enterprises trust us to create and maintain secure digital ecosystems using our comprehensive cyber security platform and mitigation services. CyberProof is seeking a Senior Security Analyst who will be part of our growing SOC group, which monitors, investigates, and resolves security incidents, violations, and suspicious activities. Our global SOC group takes innovative approaches and uses the most cutting edge technologies. Responsibilities: Resolve, escalate, report, and raise recommendations for resolving and remediating security incidents. Be an escalation point for investigations of clients and suggest optimization activities to improve their performance. Proactively monitor and review threats and suspicious events from customers participating in the service. Handle the advanced monitoring of system logs, SIEM tools, and network traffic for unusual or suspicious activity Set up SIEM solutions and troubleshoot connectivity issues. Investigate and resolve security violations by providing post-mortem analysis to illuminate issues and possible solutions Collate security incident and event data to produce monthly exception and management reports. Report unresolved network security exposure, misuse of resources, or noncompliance situations using defined escalation processes Assist and train team members in the use of security tools, the preparation of security reports, and the resolution of security issues Develop and maintain documentation for security systems and procedures Maintain excellent customer satisfaction through professional, proactive and personal service.

UST Global