Security monitoring experience with one or more SIEM technologies: Splunk, DNIF, HP ArcSight, QRadar.
Monitor alerts automatically generated by security systems.
Basic investigation and reporting.
Monitor threats and new attack techniques as they are disclosed.
Investigate events to determine whether they are true positives or false positives.
Create new ways to search for potentially suspicious events on systems.
Provide different types of data to measure security and compliance.
Qualifications
The security analyst monitors security events from the various SOC entry channels (SIEM, tickets, email and phone) and, based on the severity of the security event, escalates to the managed service support teams, the tier 2 information security specialist, and/or the customer as appropriate for further investigation and resolution.
Adhere to and follow ITIL processes (incident, problem, change and configuration management).