Description

Must have : IBM QRadar and Splunk , IBM Resilient , Play books Creation , Security use case management.

 

Required Expertise

The ideal candidate for a SOC L1 position should have a strong understanding of cybersecurity concepts and a basic understanding of various security technologies and SIEM tools including the Splunk and QRadar XDR tool.

Additionally, should possess excellent analytical and problem-solving skills, as well as strong written and verbal communication skills.

Ability to work effectively in a fast-paced and dynamic environment.

 

Key Responsibilities:

A SOC (Security Operations Center) Level 3 with expertise in SIEM tools (like QRadar on Cloud (QROC), Splunk, Rapid7 ) is a crucial member of an organization's cybersecurity team, responsible for providing advanced technical support and incident response.

 

The main responsibilities of a SOC L3 Technician with QROC experience include:

Utilizing the QROC and Splunk tool to monitor the security environment for potential threats and incidents.

Analyzing and triaging security alerts generated by the QROC and Splunk tool, making informed decisions on the appropriate response.

Responding to security incidents, taking appropriate actions to contain, mitigate, and remediate security threats.

Collaborating with other members of the SOC team, as well as internal and external stakeholders, to resolve complex security incidents.

Keeping up to date with the latest cybersecurity threats, trends, and technologies to improve the efficiency and effectiveness of incident response.

Documenting security incidents, responses, and related information in accordance with established procedures.

Mentoring and training lower-level SOC technicians on the use of the QROC tool and incident response best practices.

Education

Any Graduate