Splunk - Security Analyst L2
Sattrix Information Security Pvt. Ltd
3 - 7 years
As a Security Analyst L2, they will be responsible for operationalization of new security platforms in order to enable Security Operations Center to stay ahead of emerging and current threats. They will utilize data analytics, threat intelligence, and your experience to leverage new and existing technologies to build the use cases that drive security analytics and incident response. They will get hands-on with new and exciting technologies to help drive the direction of security capabilities.
Security Analyst Job Responsibilities:
• Developing and maintaining security monitoring and response processes.
• Doing incident analysis in detail and solution mapping with knowledge base
• Ensuring quality call handling and call escalation adhering to SLA
• Responsible for SOC tool's monitoring, maintenance and licenses management
• Development of Use cases design, reports analysis and further enhancement
• Proactively reviewing and operationalizing threat intelligence in order to create alerting to detect techniques, tactics, and procedures employed by threat actors
• Responsible for Incident management and change management process handling
• Maintaining current knowledge and understanding of the threat landscape and emerging security threats.
• Sharing knowledge and providing training to Level-1
• New devices integration and use cases creation
• Using Threat Intelligence identify infected/affected systems and scope of the attack
• Responsible for advanced Threat hunting and forensics
• Tracking, reporting, and controlling incident communications with other teams
Required Candidate profile
Security Analyst Qualifications/ Skills:
• 4+ years of related experience as Security Analyst
• Having strong understanding of SOC and Incident Response practices and methodologies.
• Expertise using one or more SIEM products Splunk, ArcSight, Qradar etc
• Expertise in troubleshooting technical issues in Splunk SIEM solution
• Strong technical knowledge on networking protocols and Internet security
• Experience with endpoint security analysis on Windows, Mac, and Linux event data and related tools.
• Understanding of security technologies, including UEBA, SIEM, IDS/IPS, firewalls, endpoint security, content filtering, and packet inspection
• Strong understanding of cloud computing and security issues related to cloud environments
• Strong analytical skills and ability to identify advanced threats
• Good knowledge and experience with threat hunting and forensic analysis
• Root cause analysis experience, getting to the root cause, problem solving
• Good knowledge on Window and Linux
• Strong written communication skills and presentation skills
Security Analyst Certification:
• Graduate: BE/BTech or equivalent
• SIEM technology certified (one or more): ArcSight, Qradar, Splunk, etc.
• Splunk Core Certified Advanced Power User will have added advantage
• CHFI certified will have added advantage
Industry Type :
Functional Area :
Employment Type :
Full Time, Permanent
Role Category :
B.Tech/B.E. in Any Specialization, Computers
M.Tech in Computers, MCA in Computers, Any Postgraduate in Any Specialization
Doctorate Not Required
Incident Response , Security Analysis , Change Management , SOC , Threat Intelligence , Incident Management , Splunk , Data Analytics , Security Operations Center , Security Monitoring
SATTRIX is specialized in information security and Technology Solutions. Our expertise is in professional and managed security services ranges from banking, financial services and insurance sector, to manufacturing, retail and other verticals. We provide end to end security expertise. You can visit the below link to know more about the Company.