Principal Engineer – M365 Security SOC Analyst - Netwoven

Job Type: Full-Time

Location: Kolkata/Bangalore/Remote

Remote Work Available

Key Responsibilities:

Security Operations Centre (SOC) Analysis and Monitoring:

  • Lead the day-to-day operations of the SOC, overseeing security incident monitoring, detection, analysis, and response activities.
  • Develop and maintain SOC playbooks, standard operating procedures (SOPs), and response plans to ensure efficient and effective incident response.
  • Investigate security incidents and alerts, perform root cause analysis, and provide recommendations to prevent future occurrences.
  • Conduct regular vulnerability assessments, penetration testing, and security audits to identify and mitigate potential threats.

Incident Response and Threat Intelligence:

  • Stay up to date with the latest security threats, vulnerabilities, and attack vectors related to various tools and platforms.
  • Monitor threat intelligence sources and collaborate with external partners to proactively identify and mitigate potential security risks.
  • Lead incident response efforts during security breaches or cyber incidents, coordinating with internal teams and external stakeholders to contain and resolve incidents in a timely manner.
  • Conduct post-incident reviews and lessons learned sessions to improve incident response processes and enhance overall security posture.

Security Tool Implementation and Management:

  • Evaluate, select, and implement security tools and technologies to enhance the capabilities of the SOC.
  • Manage and maintain security tools such as SIEM (Security Information and Event Management) systems, IDS/IPS (Intrusion Detection and Prevention Systems), EDR (Endpoint Detection and Response) solutions, and other relevant security technologies.
  • Configure and tune security tools to optimize performance, detection accuracy, and minimize false positives.
  • Collaborate with vendors and internal stakeholders to ensure effective integration and interoperability between security tools and systems.

Key Skills Requirements:

• Advanced knowledge of Security Operations Center (SOC) operations, incident response, and security monitoring practices.
• Proficiency in utilizing and managing SIEM (Security Information and Event Management) systems, such as Splunk, ArcSight, or QRadar, for log aggregation, correlation, and threat detection.
• Experience in analysing and investigating security incidents, conducting root cause analysis, and recommending remediation actions to mitigate future occurrences.
• In-depth understanding of various security technologies, including intrusion detection/prevention systems (IDS/IPS), network security tools, antivirus/antimalware solutions, and vulnerability management tools.
• Expertise in conducting threat intelligence analysis, leveraging external feeds, open-source intelligence (OSINT), and collaboration with external partners to identify emerging threats and vulnerabilities.
• Familiarity with incident response frameworks and methodologies, such as the NIST Incident Response Framework or the SANS Incident Response Process, to guide efficient and effective incident handling.
• Strong knowledge of network protocols, network traffic analysis, and network security principles to detect and respond to network-based threats.
• Proficient in performing log analysis, packet capture analysis, and malware analysis to identify indicators of compromise (IOCs) and advanced persistent threats (APTs).
• Understanding of cloud security principles and experience in monitoring and securing cloud environments, such as AWS, Azure, or GCP.
• Knowledge of endpoint detection and response (EDR) solutions, such as Carbon Black, CrowdStrike, or Sentinel One, to detect and respond to threats at the endpoint level.
• Proficiency in conducting vulnerability assessments and penetration testing using tools like Nessus, Qualys, or Metasploit, and providing recommendations for vulnerability remediation.
• Familiarity with regulatory compliance requirements, such as GDPR, HIPAA, or PCI DSS, and the ability to ensure SOC processes align with these standards.
• Strong analytical and problem-solving skills to identify patterns, trends, and anomalies in security events and incidents.
• Excellent communication and reporting skills, with the ability to effectively communicate complex security concepts to technical and non-technical stakeholders.
• Collaboration and teamwork capabilities to work effectively with cross-functional teams, including network engineers, system administrators, and security analysts.
• Continuous learning and staying updated with the latest threat landscape, attack techniques, and security technologies through self-study, training, and industry events.

Experience required:

• 12+ years of work experience in the IT industry
• 4+ years of relevant experience

Qualifications Required:

• Bachelor’s degree in computer science, Information Security, or a related field. Equivalent industry experience will also be considered.

Netwoven Inc. - Microsoft Solutions Partner