Mohaseen Shaikh’s Post

Are you a security analyst or aspiring to become one? I had many queries when I started my career as security analyst. I am sharing some of my experiences being in SOC role and how this career path is different from other roles. At high level, the role of a security analyst stands as the cornerstone of safeguarding company’s digital infrastructure. 🔭 Seeing the Big Picture: While some security folks focus on just one part of the problem, analysts look at everything. They check the anomalies in networks, systems, and apps to spot any weak spots where hackers could break in. 🆘 Being Ready for Anything: When something goes wrong, analysts are the ones who jump into action. They're trained to respond fast and fix problems before they become big incidents. 🕑 Running the Show: In big companies, analysts are like the captains of the security team. They make sure everyone knows what to do if something bad happens and keeps everything running smoothly. 🛠 Having super Skills: Analysts aren't just tech sound. They're also great at thinking fast and telling others about security in a way that makes sense. They're like superheroes, protecting our digital world! 🔐 Incident Response Expertise: When breaches occur, security analysts are the first responders. They possess finely tuned incident response skills, swiftly identifying and containing security breaches. Their ability to analyze the root cause and mitigate risks distinguishes them from other security professionals. 🌏Watching 24*7*365: Security analysts engage in continuous monitoring and analysis. They utilize advanced tools and techniques to detect anomalies, ensuring real-time threat intelligence and proactive defense mechanisms. ⚙ Security Operations Center (SOC) Management: Security analysts coordinate with cross-functional teams, oversee security protocols, and streamline incident escalation procedures. Their role is pivotal in maintaining SOC efficiency and efficacy. In essence, the life of a security analyst is marked by continuous learning, vigilance, adaptability and a commitment to secure company against cyber threats. #cybersecurity #securityanalyst #infosec #investigation #enterprisesecurity #soc #digitialsecurity #securityrole #learnandgrow #24*7 #cyberheroes #cyberthreats #cyberrisk

#hiring #soc #socanalyst #onsite #qatarjobs #onsitesoftwarejob #softwarejobs #briskwin Immediate opening for SOC Analyst - Onsite EXP: 13+ yrs JD:  Monitoring and analysis of cyber security events with the use of (SIEM) and other tools.  SOAR experience to Design and configure automation and workbooks.  SIEM as MS sentinel and Q-radar and other tools use case management (alerts and reports) as per industry best practices.  Monitor EDR to detect and investigate suspicious activities across all products.  Monitor shadow IT for external threats and data exfiltrate.  Provide analysis and trending of security log data from many heterogeneous IT security devices.  Continuous threat hunting and liaise with the relevant team in case suspected incident.  Provide threat and vulnerability analysis as well as security advisory services.  Analyze and respond to previously undisclosed software and hardware vulnerabilities.  Investigate, document, and report on Cybersecurity issues and emerging trends.  Review SOC Analyst ticket queue, review tickets, closure or reassignment as needed.  Create/review/modify documentation as needed, to include any process or procedure and thus ensure its up to date and standard.  Provide analytical feedback on network traffic patterns.  Provide analytical feedback related to malware and other network threats.  Understand information security policies and best practices in environments.  Provide technical support within the Security Incident and Event Management team to assist in the investigation and remediation of security incidents.  Escalate incident remediation changes with other business units, vendors, and customers, adhering to a predefined ITIL change management framework.  Where necessary, liaise and work with Professional Services Engineers and Solutions Architects around incident investigation and reporting.  Maintain detailed knowledge of the environment(s), where applicable, by maintaining and updating relevant documentation such as Network Diagrams, Configuration and Asset Databases along with process and procedural documentation.  Change management calendar updates/closures.  Monthly SOC Reports.  SOC White Board daily/weekly updates.  Conduct security assessments regularly to identify vulnerabilities and performing risk analysis.  Document incidents to contribute to incident response and disaster recovery plans.  In the case of third-party vendors, verify their security strength and collaborate with them.  Analysis of phishing emails reported by internal end users.  excellent understanding of application layer attacks, network level attacks, zero-day attacks etc. Skills & Requirements:  Requires Bachelor’s degrees in Computer/IT engineering or related field.  Professional Certifications – SOC Analyst (CSA, CompTIA CySA+ etc.), CEH.  SIEM Solution (Azure Sentinel, Q-Radar etc.). If interested, share your updated profile to praneetha.s@briskwinit.com with subject "SOC Analyst"

#urgentlyhiring for – #cybersecurity #incidentresponse #engineer #PrimarySkillset : SOC - #splunk , #qualys , #siem #shift – 24/7 #location – #bangalore #noticeperiod – #immediatejoiners to #45days #Experience – #6years + #relevant #experience – #5years #JobProfileSummary As the CSIR engineer, the typical day can vary greatly depending on the specific position. They may begin their day by looking over dashboards, reports from the previous day or shift, including checking for any new threats and identifying malware that may have infiltrated the system. also prepare for and respond to system breaches or attacks. These processes might differ between Clients, but they generally include responding to hacks or network insecurities and working to prevent new ones. Your key responsibilities will include but are not limited to: Manage day-to-day operations of reviewing SIEM alert and other vulnerability management tools. Ensure that all the various environments within the Client have adequate scans and assessments performed. Participate in security incident response process when required. Support the Security Management Lifecycle including: o Real-time Monitoring o Incident investigation. o Research. o Correlation. o Trending. o Remediation. o Setup and configure SIEM, including data analysis, rule creation. establish thresholds, reference lists, and other duties. o Setup, investigate, and advanced troubleshooting of log transport agents. Work with Client technology owners and platform leads to ensure vulnerabilities and issues are patched and remediated on time. Oversee the implementation and management of operational security reporting activities. Regularly, meet with the internal team to review security reports, status, review any risks, issues, incidents, and outstanding activities. Vulnerability Management, Malware analysis, Threat hunting and assist in forensic analysis. Managing stakeholder expectations and assisting in the reduction of the impact of a cybersecurity event or incident. Contribute to maintaining knowledge base/playbooks by updating procedural documentation. Actively participate in process improvement with other team members and Wider team. Conduct presentations of the security breaches findings to the business and advise on new measures required to prevent reoccurrence of similar breaches. What would make you a good fit for this role? (Mandatory skills) Experience in working in Security Operation Centre. Demonstrated genuine interests and passion for cybersecurity, incident problem solving is a must. Working knowledge of security operations environments and security incident management & response handling. Hands-on experience in managing Splunk, other SIEM logging solution like Microsoft Sentinel, ArcSight, LogRythm. Hands-on knowledge on the creation of use cases within SIEM solution including advanced correlation rules. share your resume at chakravarthi@pr-talent.com or ping me on messenger

#urgentlyhiring for – #cybersecurity #incidentresponse #engineer #PrimarySkillset : SOC - #splunk , #qualys , #siem (#1st #round #face2face #mandatory ) #shift – 24/7 #location – #bangalore #noticeperiod – #immediatejoiners to #30days #Experience – #6years + #relevant #experience – #5years #JobProfileSummary As the CSIR engineer, the typical day can vary greatly depending on the specific position. They may begin their day by looking over dashboards, reports from the previous day or shift, including checking for any new threats and identifying malware that may have infiltrated the system. also prepare for and respond to system breaches or attacks. These processes might differ between Clients, but they generally include responding to hacks or network insecurities and working to prevent new ones. Your key responsibilities will include but are not limited to: Manage day-to-day operations of reviewing SIEM alert and other vulnerability management tools. Ensure that all the various environments within the Client have adequate scans and assessments performed. Participate in security incident response process when required. Support the Security Management Lifecycle including: o Real-time Monitoring o Incident investigation. o Research. o Correlation. o Trending. o Remediation. o Setup and configure SIEM, including data analysis, rule creation. establish thresholds, reference lists, and other duties. o Setup, investigate, and advanced troubleshooting of log transport agents. Work with Client technology owners and platform leads to ensure vulnerabilities and issues are patched and remediated on time. Oversee the implementation and management of operational security reporting activities. Regularly, meet with the internal team to review security reports, status, review any risks, issues, incidents, and outstanding activities. Vulnerability Management, Malware analysis, Threat hunting and assist in forensic analysis. Managing stakeholder expectations and assisting in the reduction of the impact of a cybersecurity event or incident. Contribute to maintaining knowledge base/playbooks by updating procedural documentation. Actively participate in process improvement with other team members and Wider team. Conduct presentations of the security breaches findings to the business and advise on new measures required to prevent reoccurrence of similar breaches. What would make you a good fit for this role? (Mandatory skills) Experience in working in Security Operation Centre. Demonstrated genuine interests and passion for cybersecurity, incident problem solving is a must. Working knowledge of security operations environments and security incident management & response handling. Hands-on experience in managing Splunk, other SIEM logging solution like Microsoft Sentinel, ArcSight, LogRythm. Hands-on knowledge on the creation of use cases within SIEM solution including advanced correlation rules. share your resume #at chakravarthi@pr-talent.com

#urgentlyhiring for – #cybersecurity #incidentresponse #engineer #PrimarySkillset : SOC - #splunk , #qualys , #siem (#1st #round #face2face #required ) #shift – 24/7 #location – #bangalore #noticeperiod – #immediatejoiners to #30days #Experience – #6years + #relevant #experience – #5years #JobProfileSummary As the CSIR engineer, the typical day can vary greatly depending on the specific position. They may begin their day by looking over dashboards, reports from the previous day or shift, including checking for any new threats and identifying malware that may have infiltrated the system. also prepare for and respond to system breaches or attacks. These processes might differ between Clients, but they generally include responding to hacks or network insecurities and working to prevent new ones. Your key responsibilities will include but are not limited to: Manage day-to-day operations of reviewing SIEM alert and other vulnerability management tools. Ensure that all the various environments within the Client have adequate scans and assessments performed. Participate in security incident response process when required. Support the Security Management Lifecycle including: o Real-time Monitoring o Incident investigation. o Research. o Correlation. o Trending. o Remediation. o Setup and configure SIEM, including data analysis, rule creation. establish thresholds, reference lists, and other duties. o Setup, investigate, and advanced troubleshooting of log transport agents. Work with Client technology owners and platform leads to ensure vulnerabilities and issues are patched and remediated on time. Oversee the implementation and management of operational security reporting activities. Regularly, meet with the internal team to review security reports, status, review any risks, issues, incidents, and outstanding activities. Vulnerability Management, Malware analysis, Threat hunting and assist in forensic analysis. Managing stakeholder expectations and assisting in the reduction of the impact of a cybersecurity event or incident. Contribute to maintaining knowledge base/playbooks by updating procedural documentation. Actively participate in process improvement with other team members and Wider team. Conduct presentations of the security breaches findings to the business and advise on new measures required to prevent reoccurrence of similar breaches. What would make you a good fit for this role? (Mandatory skills) Experience in working in Security Operation Centre. Demonstrated genuine interests and passion for cybersecurity, incident problem solving is a must. Working knowledge of security operations environments and security incident management & response handling. Hands-on experience in managing Splunk, other SIEM logging solution like Microsoft Sentinel, ArcSight, LogRythm. Hands-on knowledge on the creation of use cases within SIEM solution including advanced correlation rules. share your resume at chakravarthi@pr-talent.com

SOC (Security Operations Center) roles are essential components of cybersecurity frameworks within organizations. They encompass various positions dedicated to monitoring, detecting, analyzing, and responding to security incidents and threats in real-time. The roles within a SOC can vary depending on the size of the organization, its security needs, and the complexity of its IT infrastructure. Forensic Investigator: Specialize in digital forensics and incident investigation, collecting, preserving, and analyzing digital evidence from compromised systems, network logs, and memory dumps to reconstruct the timeline of security incidents and identify perpetrators. Security Engineer: Design, implement, and maintain security controls and technologies within the organization's IT infrastructure, integrating security solutions, configuring security policies, and ensuring compliance with industry standards. SOC Manager/Team Lead: Oversee the daily operations of the SOC, including staff management, resource allocation, strategic planning, defining SOC procedures, establishing performance metrics, and liaising with senior management and stakeholders. Compliance Auditor: Ensure that the organization's security practices align with regulatory requirements, industry standards, and internal policies, conducting audits, assessments, and reviews to identify compliance gaps, recommend remediation actions, and maintain compliance certifications. Incident Responder: Specialized analysts who handle security incidents from identification to resolution, gather evidence, contain breaches, mitigate damages, and restore systems and services affected by security incidents. SOC Analyst: Frontline defenders responsible for monitoring security events and alerts generated by security systems, investigating potential security incidents, assessing their severity, and initiating incident response procedures when necessary. Threat Hunter: Proactively search for signs of malicious activity or threats that may evade traditional security measures, utilizing advanced security analytics, and forensics techniques to identify stealthy threats and vulnerabilities. #SOC #socanalyst #cybersecurity #infosec #womenininfosec #wii #threathunting

Urgently Hiring for – #cybersecurity #incidentresponse #engineer #PrimarySkillset : SOC - #splunk , #qualys , #siem #shift – 24/7 #location – #bangalore #noticeperiod – #immediatejoiners to #45days #Experience – #6years + #relevant #experience – #6years + #JobProfileSummary As the CSIR engineer, the typical day can vary greatly depending on the specific position. They may begin their day by looking over dashboards, reports from the previous day or shift, including checking for any new threats and identifying malware that may have infiltrated the system. also prepare for and respond to system breaches or attacks. These processes might differ between Clients, but they generally include responding to hacks or network insecurities and working to prevent new ones. Your key responsibilities will include but are not limited to: Manage day-to-day operations of reviewing SIEM alert and other vulnerability management tools. Ensure that all the various environments within the Client have adequate scans and assessments performed. Participate in security incident response process when required. Support the Security Management Lifecycle including: o Real-time Monitoring o Incident investigation. o Research. o Correlation. o Trending. o Remediation. o Setup and configure SIEM, including data analysis, rule creation. establish thresholds, reference lists, and other duties. o Setup, investigate, and advanced troubleshooting of log transport agents. Work with Client technology owners and platform leads to ensure vulnerabilities and issues are patched and remediated on time. Oversee the implementation and management of operational security reporting activities. Regularly, meet with the internal team to review security reports, status, review any risks, issues, incidents, and outstanding activities. Vulnerability Management, Malware analysis, Threat hunting and assist in forensic analysis. Managing stakeholder expectations and assisting in the reduction of the impact of a cybersecurity event or incident. Contribute to maintaining knowledge base/playbooks by updating procedural documentation. Actively participate in process improvement with other team members and Wider team. Conduct presentations of the security breaches findings to the business and advise on new measures required to prevent reoccurrence of similar breaches. What would make you a good fit for this role? (Mandatory skills) Experience in working in Security Operation Centre. Demonstrated genuine interests and passion for cybersecurity, incident problem solving is a must. Working knowledge of security operations environments and security incident management & response handling. Hands-on experience in managing Splunk, other SIEM logging solution like Microsoft Sentinel, ArcSight, LogRythm. Hands-on knowledge on the creation of use cases within SIEM solution including advanced correlation rules. kindly share your resume at chakravarthi@pr-talent.com or ping me on messenger

#urgentlyhiring for – #cybersecurity #incidentresponse #engineer #PrimarySkillset : SOC - #splunk , #qualys , #siem (#1st #round #face2face #mandatory ) #shift – 24/7 #location – #bangalore #noticeperiod – #immediatejoiners to #30days #Experience – #6years + #relevant #experience – #5years #JobProfileSummary As the CSIR engineer, the typical day can vary greatly depending on the specific position. They may begin their day by looking over dashboards, reports from the previous day or shift, including checking for any new threats and identifying malware that may have infiltrated the system. also prepare for and respond to system breaches or attacks. These processes might differ between Clients, but they generally include responding to hacks or network insecurities and working to prevent new ones. Your key responsibilities will include but are not limited to: Manage day-to-day operations of reviewing SIEM alert and other vulnerability management tools. Ensure that all the various environments within the Client have adequate scans and assessments performed. Participate in security incident response process when required. Support the Security Management Lifecycle including: o Real-time Monitoring o Incident investigation. o Research. o Correlation. o Trending. o Remediation. o Setup and configure SIEM, including data analysis, rule creation. establish thresholds, reference lists, and other duties. o Setup, investigate, and advanced troubleshooting of log transport agents. Work with Client technology owners and platform leads to ensure vulnerabilities and issues are patched and remediated on time. Oversee the implementation and management of operational security reporting activities. Regularly, meet with the internal team to review security reports, status, review any risks, issues, incidents, and outstanding activities. Vulnerability Management, Malware analysis, Threat hunting and assist in forensic analysis. Managing stakeholder expectations and assisting in the reduction of the impact of a cybersecurity event or incident. Contribute to maintaining knowledge base/playbooks by updating procedural documentation. Actively participate in process improvement with other team members and Wider team. Conduct presentations of the security breaches findings to the business and advise on new measures required to prevent reoccurrence of similar breaches. What would make you a good fit for this role? (Mandatory skills) Experience in working in Security Operation Centre. Demonstrated genuine interests and passion for cybersecurity, incident problem solving is a must. Working knowledge of security operations environments and security incident management & response handling. Hands-on experience in managing Splunk, other SIEM logging solution like Microsoft Sentinel, ArcSight, LogRythm. Hands-on knowledge on the creation of use cases within SIEM solution including advanced correlation rules. share your resume #at chakravarthi@pr-talent.com