Role Overview :

As a Senior SOC Analyst, you will play a critical role in monitoring, analyzing, and responding to security incidents within our clients' environments. You will leverage your deep expertise in Splunk, SIEM technologies, and cloud security to identify and mitigate threats, ensuring the confidentiality, integrity, and availability of critical assets. This role involves collaborating with other SOC analysts, incident responders, and engineering teams to enhance security posture and improve incident response capabilities. Your work will directly contribute to protecting our clients from sophisticated cyberattacks and maintaining their trust in our security services.

Key Responsibilities :

- Monitor security events and alerts from various sources, including SIEM, endpoint detection and response (EDR), and cloud security platforms, to identify potential security incidents.

- Analyze security incidents using Splunk Enterprise Security (ES) to determine the scope, impact, and root cause of security breaches.

- Develop and implement custom Splunk searches, dashboards, and alerts to improve threat detection and incident response capabilities.

- Conduct in-depth investigations of security incidents, including malware analysis, network traffic analysis, and log analysis, to identify malicious activity and contain threats.

- Collaborate with incident responders to contain and eradicate security threats, ensuring minimal disruption to business operations.

- Develop and maintain security documentation, including incident response plans, standard operating procedures, and security awareness training materials, to improve security preparedness.

- Mentor junior SOC analysts and provide guidance on security best practices and incident response procedures to enhance team skills and knowledge.

- Stay up-to-date on the latest security threats, vulnerabilities, and attack techniques to proactively identify and mitigate potential risks.

Required Skillset :

- Demonstrated ability to analyze security events and incidents using Splunk Enterprise Security (ES) and other SIEM technologies.

- Proven expertise in developing and implementing custom Splunk searches, dashboards, and alerts to improve threat detection capabilities.

- Strong understanding of security concepts, including network security, endpoint security, cloud security, and incident response.

- Excellent analytical and problem-solving skills, with the ability to identify and resolve complex security issues.

- Effective communication and interpersonal skills, with the ability to collaborate with cross-functional teams and communicate technical information to non-technical audiences.

- Bachelor's degree in Computer Science, Information Security, or a related field.

- Ability to work effectively in a fast-paced, dynamic environment and adapt to changing priorities.