IN_Senior Associate_SOC _Managed Services_Advisory_Mumbai

Line of Service

Advisory

Industry/Sector

FS X-Sector

Specialism

Risk

Management Level

Senior Associate

Job Description & Summary

The SOC Analyst –L3 will be part of existing Ares Global SOC team and will be responsible for day-to-day security operations by responding to and investigating security events of interest and recommending or taking corrective action by working with IT and non-IT team members. They will also respond to security incident and investigation requests in line with established Security Incident Response processes and procedures, within defined service level targets. This position requires shift work in a 24*7*365 environment.

• Why PWC
  
  
  

At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us.

At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. "

Responsibilities

Detailed Responsibilities/Duties

• Responsible for initial or secondary triage of security incidents identified by internal controls or external SOC partners
• Proficient in Threat Research and understands the latest malware trends, common attack TTPs, and the general threat landscape
• Proficient in Incident Response and automation workflows as it relates to Security Operations
• Demonstrates ability to author content using a variety of query languages, as well as scripting for event enrichment and investigation
• Detects, identifies, and responds to cyber events, threats, security risks and vulnerabilities in line with cyber security policies and procedures
• Conducts threat hunting and analysis using various toolsets based on intelligence gathered
• Responsible for documenting the incident life cycle, conducting handoffs’, escalation, and providing support during cyber incidents
• Create detailed Incident Reports and contribute to lessons learned in collaboration with the team
• Works with vulnerability management resources to uncover and prioritize potential risks and makes specific recommendations to reduce the threat landscape and minimize risk
• Works with leadership and the engineering team to improve and expand available toolsets when warranted
• are critical for the role
  
  
  

Skills

Required Qualifications

• Experience with one or more Security Information and Event Management (SIEM) solutions
• Understanding of common Attack methods and their SIEM signatures
• Experience in security monitoring, Incident Response (IR), security tools configuration and security remediation
• Strong knowledge and experience in Security Event Analysis capability
• Understanding of network protocols (TCP/IP stack, SSL/TLS, IPSEC, SMTP/IMAP, FTP, HTTP etc.)
• Understanding of Operating System, Web Server, database, and Security devices (firewall/NIDS/NIPS) logs and log formats
• Understanding of String Parsing and Regular Expressions
• Strong analytical and problem-solving skills
• High level of personal integrity, and the ability to professionally handle confidential matters and show an appropriate level of judgment and maturity
• Ability to interact effectively at all levels with sensitivity to cultural diversity
• Ability to adapt as the external environment and organization evolves
• Passionate about Cybersecurity domain and has the inclination to learn current technologies / concepts / improvements
• Excellent in security incident handling, documentation, root cause analysis, troubleshooting and publishing post-Incident Reports.
• Strong experience with cyber security in the domains of cyber threat intelligence and analysis, security monitoring and incident response
• Experience of network and system vulnerabilities, malware, networking protocols and attack methods to exploit vulnerabilities
• Knowledge of cyber security frameworks and attack methodologies
• Experience working with EDRs, Proxies, and anti-virus
• Knowledge of intrusion detection methodologies and techniques for detecting host- and network-based intrusions via intrusion detection technologies
• Excellent verbal and written English communication skills
  
  
  

Mandatory Skill Sets

Tools

• Email Security: Proofpoint, Abnormal Security, M365 Defender
• SOAR: Palo Alto XSOAR
• SIEM: Splunk
• Firewall: Palo Alto
• EDR: Crowdstrike
• Other tools: Darktrace and M365 Defender
  
  
  

Preferred Skill Sets

SOC

Years Of Experience Required

4-8 Years

Education Qualification

B.Tech/MCA/MBA with IT background/ Bachelor’s degree in Information Technology, Cybersecurity, Computer Science

• Professional Certifications like CEH, CCSE, CCNA, Security+, etc., will be plus
• SIEM certifications
  
  
  

Education (if blank, degree and/or field of study not specified)

Degrees/Field of Study required: Bachelor of Engineering, Master of Business Administration

Degrees/Field Of Study Preferred

Certifications (if blank, certifications not specified)

Required Skills

Microsoft Defender, Palo Alto Cortex XSOAR, Splunk

Optional Skills

SoCs

Desired Languages (If blank, desired languages not specified)

Travel Requirements

Not Specified

Available for Work Visa Sponsorship?

No

Government Clearance Required?

No

Job Posting End Date