Description
L1 Support Engineer• Monitor QRadar operator dashboard for Security Incidents / tickets during NL Business hours 9:00am till 6:00pm
• Assess the L1 Incidents and respond based on Run-Book/Playbooks updates / report and follow-up for response ./ resolution via L2 and L3 team,
• Align security incident and event review and analysis to prescribed Managed Security Services Operations Playbook
• Conduct introductory analysis into security breaches at customer sites using high-fidelity alerts and tools within Customer environment, TechM and online.
• Review alerts generated by SIEM based on:
o security detection tools,
o correlate with device logs,
o and other forms of available telemetry
• Interpret the above data in the security analysis process
• Maintain up-to-date information in alert handling tools
• Where Customer SLA governs timing, the Analyst must work within the timing bounds to acknowledge and resolve alerts
• Vigilantly protect Customer data confidentiality and integrity, ensuring proper handling and protection electronically, physically, and verbally
• Work in assigned shift and ensure shift is covered personally.
• Document best practices with the SOC staff using available collaboration tools and workspaces