Principal Engineer – M365 Security SOC Analyst - Netwoven
Careers

Principal Engineer – M365 Security SOC Analyst

Key Skills:
SOC

Careers

Job Type: Full-Time

Location: Kolkata/Bangalore/Remote

Remote Work Available

Key Responsibilities:

Security Operations Centre (SOC) Analysis and Monitoring:

  • Lead the day-to-day operations of the SOC, overseeing security incident monitoring, detection, analysis, and response activities.
  • Develop and maintain SOC playbooks, standard operating procedures (SOPs), and response plans to ensure efficient and effective incident response.
  • Investigate security incidents and alerts, perform root cause analysis, and provide recommendations to prevent future occurrences.
  • Conduct regular vulnerability assessments, penetration testing, and security audits to identify and mitigate potential threats.

Incident Response and Threat Intelligence:

  • Stay up to date with the latest security threats, vulnerabilities, and attack vectors related to various tools and platforms.
  • Monitor threat intelligence sources and collaborate with external partners to proactively identify and mitigate potential security risks.
  • Lead incident response efforts during security breaches or cyber incidents, coordinating with internal teams and external stakeholders to contain and resolve incidents in a timely manner.
  •  Conduct post-incident reviews and lessons learned sessions to improve incident response processes and enhance overall security posture.

Security Tool Implementation and Management:

  • Evaluate, select, and implement security tools and technologies to enhance the capabilities of the SOC.
  •  Manage and maintain security tools such as SIEM (Security Information and Event Management) systems, IDS/IPS (Intrusion Detection and Prevention Systems), EDR (Endpoint Detection and Response) solutions, and other relevant security technologies.
  • Configure and tune security tools to optimize performance, detection accuracy, and minimize false positives.
  • Collaborate with vendors and internal stakeholders to ensure effective integration and interoperability between security tools and systems.

Key Skills Requirements:

Advanced knowledge of Security Operations Center (SOC) operations, incident response, and security monitoring practices.
• Proficiency in utilizing and managing SIEM (Security Information and Event Management) systems, such as Splunk, ArcSight, or QRadar, for log aggregation, correlation, and threat detection.
• Experience in analysing and investigating security incidents, conducting root cause analysis, and recommending remediation actions to mitigate future occurrences.
• In-depth understanding of various security technologies, including intrusion detection/prevention systems (IDS/IPS), network security tools, antivirus/antimalware solutions, and vulnerability management tools.
• Expertise in conducting threat intelligence analysis, leveraging external feeds, open-source intelligence (OSINT), and collaboration with external partners to identify emerging threats and vulnerabilities.
• Familiarity with incident response frameworks and methodologies, such as the NIST Incident Response Framework or the SANS Incident Response Process, to guide efficient and effective incident handling.
• Strong knowledge of network protocols, network traffic analysis, and network security principles to detect and respond to network-based threats.
• Proficient in performing log analysis, packet capture analysis, and malware analysis to identify indicators of compromise (IOCs) and advanced persistent threats (APTs).
• Understanding of cloud security principles and experience in monitoring and securing cloud environments, such as AWS, Azure, or GCP.
• Knowledge of endpoint detection and response (EDR) solutions, such as Carbon Black, CrowdStrike, or Sentinel One, to detect and respond to threats at the endpoint level.
• Proficiency in conducting vulnerability assessments and penetration testing using tools like Nessus, Qualys, or Metasploit, and providing recommendations for vulnerability remediation.
• Familiarity with regulatory compliance requirements, such as GDPR, HIPAA, or PCI DSS, and the ability to ensure SOC processes align with these standards.
• Strong analytical and problem-solving skills to identify patterns, trends, and anomalies in security events and incidents.
• Excellent communication and reporting skills, with the ability to effectively communicate complex security concepts to technical and non-technical stakeholders.
• Collaboration and teamwork capabilities to work effectively with cross-functional teams, including network engineers, system administrators, and security analysts.
• Continuous learning and staying updated with the latest threat landscape, attack techniques, and security technologies through self-study, training, and industry events.

Experience required:

• 12+ work experience in IT industry
• 4+ years relevant experience

Qualifications Required:

• Bachelor’s degree in computer science, Information Security, or a related field. Equivalent industry experience will also be considered.

Excited about this opportunity?

Apply Now

Dublin Chamber of Commerce
Microsoft Partner
Microsoft Partner
Microsoft Partner
Microsoft Partner
Microsoft Partner
Microsoft Partner
Microsoft Fast Track
Microsoft Partner
Microsoft Fabric
MISA
MISA
Unravel The Complex
Stay Connected

Subscribe and receive the latest insights

Netwoven Inc. - Microsoft Solutions Partner

Get involved by tagging Netwoven experiences using our official hashtag #UnravelTheComplex