JOB DESCRIPTION

As part of the AiCyberWatch SOC team, the L2 Analyst will play a key role in our continued growth. AiCyberWatch is currently seeking experienced DLP Associates to help us manage & grow our DLP service line. We are seeking candidates with proven skills in DLP operations and a desire to continuously learn & grow in the fast-growing field of cyber security.

AiCyberWatch is the cyber security services arm of NGBPS Limited. NGBPS also runs NetDataVault, a Tier 3 certified Data Center & Cloud Solutions provider. The Company has deployed North India’s first ANSI/TIA-942, Tier-3 Certified Data Center and has an advanced Cloud Platform, set-up in association with HP, offering Data Center Co-location and Cloud Computing Services.

AiCyberWatch boasts an AI- and ML-enabled Security Operations Center as a Service (SOC) offering, in partnership with world leaders, to provide cyber security services to enterprises across India, Asia, the US and the Middle East. Additionally, we provide DLP, IAM, patch management services, VAPT, Red Teaming, etc.

The L2 Associate will be responsible for regular operations, continuous improvement processes & managing client & vendor interactions. Over time, the individual will also be required to coach L1 engineers in acquiring necessary skills. This opportunity is for experienced professionals with a strong passion for helping firms improve their cyber security posture. The person receives incidents escalated from L1 and works towards remediation of the incidents found. He/she continuously operates the Security Incident process, driving the resolution of identified issues and bringing experience and expertise beyond that of the existing L1 engineers.

Desired Skills and Experience

  • Bachelor’s degree with 3-5 years of experience in cyber security solutions & DLP operations; strong experience in at least 2 OEM/tools is a must.
  • Good communication skills both written and oral
  • Proven expertise in deployment and upgrading of DLP policies
  • Should have working knowledge of the devices & systems found in a typical client environment
  • Should have good knowledge of firewalls, IDS/IPS, AVI, EDR, Proxy, DNS, Anti-Malware, AD, etc.
  • Good understanding of raw log formats of various security devices like Proxy, Firewall, IDS/IPS
  • Good understanding of networking concepts (TCP/IP, LAN/WAN, Internet network topologies)
  • Should possess relevant certifications like CEH, CISA, CISM etc. & DLP OEM certifications
  • A strong work ethic with good time management skills
  • Coachability; you’re interested in implementing feedback and dedicated to consistent improvement
    of your craft.
  • Ability to mentor and encourage junior teammates in order to build a cohesive, motivated unit

Location – Mumbai/Delhi NCR

Key Duties & Responsibilities

  • Conduct analysis, troubleshooting, and trending of incidents/events detected from Endpoint security solutions, DLP, and other security applications
  • Manage various deployed DLP technologies and their integration points with Configuration Management Database (CMDB), Email infrastructure, LDAP (e.g. Active Directory), etc.
  • Create custom rules and tune existing rules, policies, alerts, etc. within various security
    applications based on stakeholder needs or situational conditions
  • Conduct ongoing Threat Hunting exercises using existing security applications
  • Perform Level 2 & 3 triage and handling of security events (escalated from Level 1 Security
    Analysts or other); includes but is not limited to identification, containment, remediation, and
    reporting activities.
  • Create new and enhance existing procedures to improve operational efficiencies and reporting
    accuracy
  • Develop detailed technical recommendations to solve current and future security issues; identify protection gaps and propose effective mitigating solutions
  • Maintain awareness of emerging threats to data protection, system integrity, and network
    availability
  • Evaluate, design, architect, implement, and configure new security products and technologies
  • Develop, review, and maintain documentation for security systems and procedures
  • Create Daily/Weekly/Monthly Reports & provide other necessary updates
