Role: SOC Analyst
Location: Decatur IL
Emp Type: Permanent Job
Interview: Phone/Skype
Required Technical Skill Set
SIEM SME - HP ArcSight SIEM tool, logging, correlation rules, dashboards and system knowledge
Desired Experience Range
6-8 years
Must-Have Technical:
• Experience in HP ArcSight SIEM
• Experience in managing and configuring security monitoring correlation rules
• Responsible for creating a rule book for all correlation rules and training the SOC monitoring team
• Generate reports and collect logs for deep analysis of security incidents
• Event/alert triage and analysis; suggest new rules for improvements
• Ability to continuously tune alerts and provide recommendations
• Suggest tuning of events and alerts from IDS and deep packet inspection devices
• Participate with SOC/Incident response team for security incidents
• Flexibility to work in shifts for 24x7 support
Good-to-Have
• Excellent listening skills & ability to communicate clearly and fluently in English
• Must be able to lead and participate in outage calls
• Create the Standard Operating Procedure and update the knowledge database documentation whenever required
• Ability to present reports to all levels of clients, internally and externally
• Excellent organizational & communication skills
• Ability to adapt and influence in a rapidly changing environment
• Strong interpersonal, communication, organization and follow-through skills
• Demonstrate ability to work effectively in a team environment
• Offer ideas for quality and process improvements that align with the organization's goals
• Assist in the implementation of best practices, processes and tools
Responsibility of / Expectations from the Role
• Manage HP ArcSight SIEM
• Configure security monitoring correlation rules
• Responsible for creating a rule book for all correlation rules and training the SOC monitoring team
• Generate reports and collect logs for deep analysis of security incidents
• Event/alert triage and analysis; suggest new rules for improvements
• Continuously tune alerts and provide recommendations
• Tune events and alerts from IDS and deep packet inspection devices
• Participate with SOC/Incident response team for security incidents
• Flexibility to work in shifts for 24x7 support