Monitoring SIEM alerts and creating SIEM investigations.
Gathering information on alerts and incidents and performing initial incident analysis:
  o Artifact gathering
  o Performing OSINT checks
  o User profiling, device profiling, IP and application profiling, etc.
  o Documenting all of the above in the Incident Analysis Template
After initial analysis, escalating the incident to L2/L3.
Teams Channel Monitoring.
SOC mail box Monitoring.
Performing daily health checks.
Performing validation and deep-dive analysis of the alert:
  o Identifying whether the alert is a true positive (TP) or a false positive (FP). If TP, identifying the root cause.
  o Taking the necessary remediation actions after analysis and ensuring the actions complete successfully.
  o Documenting the detailed analysis following the defined template.
  o If the alert is a false positive and keeps repeating, identifying the root cause and fine-tuning the use case to reduce false detections.
  o Helping create the Incident Report whenever it is required.
  o Discussing and explaining the incidents of interest in detail on shift handover calls and client calls.
  o Identifying any incidents that need immediate attention and escalating them to L3 / on-call for quick action.
Escalating potential incidents to L3 according to the predefined escalation scenarios.
Supporting the Client Incident Response team during the Incident Response Process.
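The initial-analysis and validation steps above (user, device and IP profiling, documenting in the analysis template, spotting repeating false positives for use-case tuning, and escalating by predefined scenario) can be scripted so that every analyst fills the template the same way. The following is an added example, not code from the original page or from any particular SOC; the user and device inventory, the internal network ranges, the escalation matrix, the alerts and the verdict history are all constructed for illustration, and the "immediate attention" rule (privileged account or critical asset always goes to L3) is an assumed policy.

```python
"""Added example (not part of the original page): a small triage helper for
the initial-analysis and validation steps described above. All inventory
data, alerts, history and the escalation matrix below are constructed for
illustration; a real SOC would pull these from the SIEM, CMDB and IdP."""
import ipaddress
import json

# Constructed identity and asset inventory (hypothetical data).
USERS = {
    "j.doe": {"department": "Finance", "privileged": False, "status": "active"},
    "svc_backup": {"department": "IT", "privileged": True, "status": "active"},
}
DEVICES = {
    "FIN-LT-014": {"owner": "j.doe", "os": "Windows 11", "critical": False},
    "DC-01": {"owner": "IT", "os": "Windows Server 2022", "critical": True},
}
INTERNAL_NETS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "192.168.0.0/16")]

# Hypothetical predefined escalation scenarios: rule name -> minimum tier.
ESCALATION_SCENARIOS = {
    "Credential dumping tool detected": "L3",
    "Impossible travel login": "L2",
}
DEFAULT_TIER = "L2"
FP_REPEAT_THRESHOLD = 3  # prior FP verdicts before the use case is flagged for tuning


def profile_user(username):
    """User profiling: what the (constructed) IdP knows about the account."""
    return {"username": username, **USERS.get(username, {"status": "unknown"})}


def profile_device(hostname):
    """Device profiling: owner, OS and criticality from the (constructed) CMDB."""
    return {"hostname": hostname, **DEVICES.get(hostname, {"critical": False, "status": "unknown"})}


def profile_ip(ip):
    """IP profiling: internal vs external; external sources get an OSINT check."""
    addr = ipaddress.ip_address(ip)
    internal = any(addr in net for net in INTERNAL_NETS)
    return {"ip": ip, "scope": "internal" if internal else "external",
            "osint_check_needed": not internal}


def triage(alert, history):
    """Build the initial Incident Analysis record for one alert.

    history: earlier alerts, each carrying the analyst's final verdict
    ("TP"/"FP"), used to spot repeating false positives on the same rule/host.
    """
    same = [h for h in history if h["rule"] == alert["rule"] and h["host"] == alert["host"]]
    prior_fp = sum(1 for h in same if h["verdict"] == "FP")
    user = profile_user(alert["user"])
    device = profile_device(alert["host"])
    # The predefined scenario sets the tier; a privileged account or critical
    # asset is assumed (hypothetical policy) to always need immediate L3/on-call attention.
    tier = ESCALATION_SCENARIOS.get(alert["rule"], DEFAULT_TIER)
    immediate = bool(user.get("privileged") or device.get("critical"))
    if immediate:
        tier = "L3"
    return {
        "alert_id": alert["id"],
        "rule": alert["rule"],
        "user_profile": user,
        "device_profile": device,
        "ip_profile": profile_ip(alert["src_ip"]),
        "repeat_count": len(same),
        "prior_fp_count": prior_fp,
        "tuning_candidate": prior_fp >= FP_REPEAT_THRESHOLD,
        "escalate_to": tier,
        "immediate_attention": immediate,
    }


def render_template(record):
    """Fill a (hypothetical) plain-text Incident Analysis Template from the record."""
    lines = [
        f"Alert: {record['alert_id']}  Rule: {record['rule']}",
        f"User: {json.dumps(record['user_profile'])}",
        f"Device: {json.dumps(record['device_profile'])}",
        f"Source IP: {json.dumps(record['ip_profile'])}",
        f"Repeats: {record['repeat_count']} (prior FP verdicts: {record['prior_fp_count']})",
        f"Escalate to: {record['escalate_to']}" + ("  [IMMEDIATE]" if record["immediate_attention"] else ""),
    ]
    if record["tuning_candidate"]:
        lines.append("Action: repeating FP, raise a use-case tuning request")
    return "\n".join(lines)


# Constructed sample alerts and verdict history.
ALERTS = [
    {"id": "A-1001", "rule": "Impossible travel login", "user": "j.doe", "host": "FIN-LT-014", "src_ip": "203.0.113.45"},
    {"id": "A-1002", "rule": "Credential dumping tool detected", "user": "svc_backup", "host": "DC-01", "src_ip": "10.20.30.40"},
    {"id": "A-1003", "rule": "Scheduled task created", "user": "j.doe", "host": "FIN-LT-014", "src_ip": "10.0.5.7"},
]
HISTORY = [
    {"rule": "Scheduled task created", "host": "FIN-LT-014", "verdict": "FP"},
    {"rule": "Scheduled task created", "host": "FIN-LT-014", "verdict": "FP"},
    {"rule": "Scheduled task created", "host": "FIN-LT-014", "verdict": "FP"},
    {"rule": "Impossible travel login", "host": "FIN-LT-014", "verdict": "TP"},
]

if __name__ == "__main__":
    for a in ALERTS:
        print(render_template(triage(a, HISTORY)), end="\n\n")
```

The TP/FP verdict itself stays with the analyst; the script only records the profiles, counts how often the same rule has already been closed as FP on the same host, and applies the escalation matrix, so the hand-off to L2/L3 and the tuning request carry the same fields every time.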