#16338_R226403
Expedite with AI/ML workflows and capabilities - Utilize KQL for querying and correlating data to identify and address threats.
Develop and manage automated detection rules and playbooks in Microsoft Sentinel.
Employ Microsoft Defender and MS Purview Data Loss Prevention (DLP) tools to enhance endpoint protection and data security.
Threat Hunting and Data Forensics:
Conduct proactive threat hunting and data forensics to uncover potential threats.
Utilize advanced threat intelligence platforms to inform and refine threat detection strategies.
Develop and execute SOC playbooks to improve response and operational efficiency.
Team Collaboration and Leadership:
Triage and assist on complex incidents and investigations.
Collaborate with USA Security escalation teams and departments to enhance overall security posture.
Assist in developing and refining SOC procedures and best practices.
Career Development:
Opportunities for progression to SOC Lead and Architect roles.
Access to continuous learning, certifications, and professional development resources.
Regular performance reviews to discuss career growth and advancement.
What we are looking for :
Qualifications:
Preferred Bachelor's degree in Computer Science, Cybersecurity, or a related field.
3-5 years of experience as a SOC analyst, preferably with lead responsibilities.
Strong knowledge of KQL (Kusto Query Language) for querying and analyzing security data.
Hands-on experience with Microsoft Sentinel, including rule creation, playbook implementation, and workbooks.
Proficiency in Microsoft Defender and MS Purview Data Loss Prevention (DLP).
Certifications such as CISSP, CEH, or CompTIA Security+ are a plus.
Core Technologies and Expertise Required:
Microsoft Sentinel: Experience with SIEM, rule creation, playbooks, and workbooks.
KQL (Kusto Query Language): Proficiency in querying and data correlation.
Microsoft Defender: Expertise in endpoint protection and threat detection.
MS Purview Data Loss Prevention (DLP): Experience with data protection and loss prevention strategies.
Incident Response Tools: Knowledge of containment and recovery strategies.
Vulnerability Management Tools: Experience in assessments, penetration tests, and threat monitoring.
Threat Intelligence Platforms: Ability to leverage and analyze threat intelligence.
Network Security: Working knowledge of firewalls, IDS/IPS, and network security protocols.
Data Forensics: Proficient in data forensic analysis and investigation.
SOC Playbooks: Proficient in creating and managing SOC playbooks.
Additional Skills:
Strong understanding of incident response processes and procedures.
Excellent analytical and problem-solving skills.
Ability to work within a well-managed team
Shift Coverage: Rotational 24x7 shifts.
Arrow Electronics, Inc. (NYSE: ARW), an award-winning Fortune 133 and one of Fortune Magazine's Most Admired Companies. Arrow guides innovation forward for over 220,000 leading technology manufacturers and service providers. With 2023 sales of USD $33.11 billion, Arrow develops technology solutions that improve business and daily life. Our broad portfolio that spans the entire technology landscape helps customers create, make and manage forward-thinking products that make the benefits of technology accessible to as many people as possible. Learn more at https://www.arrow.com.
Our strategic direction of guiding innovation forward is expressed as Five Years Out, a way of thinking about the tangible future to bridge the gap between what's possible and the practical technologies to make it happen. Learn more at https://https://www.fiveyearsout.com/.
Location:
IN-KA-Bangalore, India (SKAV Seethalakshmi) GESC
Time Type:
Full time
Job Category:
Information Technology