Senior SOC Analyst

**General**:

- Critical incident handling and escalation response.
- New report and rules creation/configuration.
- Integrate SIEM with new devices or event sources.
- Troubleshoot and resolve the SIEM integration issues.
- Provide feedback for device management practices and engineering requirements.
- Cross-verify incident details that are recorded by Tier1 team.
- Document corrective and preventive actions for all IT security incidents in the knowledge base.
- Serve as technical lead on SOC shifts, as well as SOC technical projects that are outside the scope of normal shift responsibilities.
- Train newly hired SOC Analysts on SOC policies and procedures.
- Manage and Resolve SOC tickets and ticket related issues.
- Audit security incidents for proper categorisation and actions taken.
- Provide inputs to SOC tools expert enhancements and fine tuning.
- Co-ordinate with product vendor for OEM related issues.
- Review and present weekly reports
- Maintain SOC tools and technologies.
- Review new threat feeds and determine how it pertains to Elanco’s environment
- Review the knowledge management documents, revising and updating processes, tools and existing technology, resource planning and deployment and program communication.
- Suggest improvements for SOC.
- Can independently research and fix issues.

**Addition / Optional**
- Carry out in-depth investigation on security events, raise incidents and support the Incident Management process on a 24/7 support shift rotation.
- Provide remote incident response activities and advice to support customers during and immediately after security incidents.
- Respond to system generated alerts, analyze logs and traffic patterns.
- Maintain and improve SIEM correlation rules and Endpoint Protection detections.
- Supporting multiple customer environments concurrently.
- Provide analysis and trending of security log data and network traffic.
- Generate customer facing security reports.
- Integrate and share information with other analysts and other teams.
- Other duties as assigned.
- Has a passion for security and enjoys solving problems.
- Experience working with SIEM and EDR systems.
- Good knowledge of Cyber Security Incident Response processes & procedures.
- Excellent knowledge on the fundamentals of Windows and Unix systems.
- Good understanding of host forensics, memory forensics and network forensics.
- In-depth knowledge of the security threat landscape.
- Knowledge of various security methodologies and processes, and technical security solutions.
- Knowledge of investigation techniques to determine security incidents.
- Ability to multi-task, prioritize, and manage time effectively.
- Strong attention to detail.
- Excellent interpersonal skills and professional demeanor.
- Excellent verbal and written communication skills.
- Excellent customer service skills.
- Industry standard certifications such as: CREST CRT, CREST CCT, OSCP, GCFA, GNFA, GREM/ Relevant specialized degree in Cyber Forensics.
- 3+ years’ or more of experience as a Cyber Security Analyst or equivalent.
- Bachelors degree in related field or equivalent experience and knowledge
- Prior experience actively using endpoint threat detection and response (EDR) products to investigate threats such as VMWare Carbon Black, Windows Defender ATP, CrowdStrike Falcon, Sentinel One, Trend Micro XDR, Tanium, or others.

**Education & Certification**
- Minimum Bachelor’s Degree (Engineering / Computer Science / Computer Application) or Equivalent.
- Certification like CompTIA Security+, ISC2 CISSP, Vendor / OEM certification on EVM, EDR, SIEM, SOAR, equivalent would be preference.

**Experience**
- 3 - 5 Yrs. (Preferable exp on Govt / Semi Govt / Others Govt Agencies)

Senior SOC Analyst