Role - SOC Analyst
Location - Abu Dhabi
We are seeking a highly skilled and motivated engineer with experience as a Senior Threat Intelligence Analyst to join our Cyber Threat Intelligence team. The selected candidate will support threat intelligence monitoring, analysis, enrichment, and reporting activities. This role requires strong technical expertise in Microsoft Sentinel, Logstash, Power BI, Azure Logic Apps, and Power Automate, combined with analytical and programming skills to enhance threat intelligence operations.
Key Responsibilities
- Analyze and interpret threat intelligence data to identify potential security risks and vulnerabilities.
- Perform collection, enrichment, analysis, and reporting of cyber threat intelligence relevant to the organization’s operations and interests.
- Monitor and analyze alerts and findings from Digital Exposure Monitoring and Attack Surface Management (ASM) tools, handling newly identified threats and incidents, and coordinating with relevant teams for validation and response.
- Monitor dark web forums, hacker channels, and cybercriminal marketplaces for emerging threats, indicators, and threat actor activities.
- Correlate and enrich threat intelligence indicators (IOCs) with internal telemetry and external sources to improve detection and context.
- Support incident response by providing intelligence assessments, profiling threat actors, and mapping TTPs using the MITRE ATT&CK framework.
- Develop, implement, and maintain security monitoring and detection systems using Sentinel and Logstash.
- Utilize Power BI to visualize and report security metrics, trends, and intelligence insights.
- Create and manage workflows in Azure Logic Apps and Power Automate to streamline intelligence operations.
- Automate repetitive intelligence tasks and data processing workflows to enhance operational efficiency.
- Query and manipulate data using KQL and SQL for in-depth analysis and reporting.
- Develop scripts and automation tools in Python to enhance security operations.
- Conduct proactive threat hunting using Sentinel and KQL to detect emerging or hidden threats.
- Integrate multiple threat intelligence sources and feeds into monitoring and analysis systems.
- Collaborate with internal teams and external partners to improve intelligence collection, analysis, and reporting capabilities.
- Prepare periodic and ad-hoc cyber threat intelligence reports and presentations tailored for technical and executive audiences.
- Stay updated on the latest threat intelligence trends, tools, and methodologies.
Required Skills & Experience
- Solid background in cyber threat intelligence operations, OSINT, and dark web monitoring.
- Hands-on experience with Microsoft Sentinel (analytic rules, hunting queries, KQL, workbooks).
- Hands-on experience with Logstash for log ingestion, parsing, enrichment, and forwarding.
- Skilled in Power BI for building interactive dashboards, reports, and visualizations.
- Experience with Azure Logic Apps and Power Automate for workflow automation.
- Strong proficiency in KQL for threat hunting and data analysis.
- Proficiency in SQL for querying and managing datasets.
- Programming experience in Python for developing automation scripts, data processing, and working with APIs.
- Strong knowledge of MITRE ATT&CK, cyber kill chain, and common threat actor TTPs.
- Strong understanding and hands-on experience in incident response and incident handling processes.
- AI/ML experience related to the cybersecurity domain will be an added advantage.
- Strong analytical, investigative, and technical writing skills.
Soft Skills
- Excellent communication and teamwork abilities.
- Ability to work in a fast-paced and dynamic environment.
- Strong problem-solving skills and critical thinking mindset.
- Strong attention to detail with analytical rigor.
- Ability to clearly communicate complex findings to both technical and non-technical stakeholders.
- Collaborative approach with the ability to work across teams and functions.
Preferred Certifications (Good to Have)
- GIAC Cyber Threat Intelligence (GCTI)
- MITRE ATT&CK Defender (MAD)
- EC-Council Certified Threat Intelligence Analyst (C|TIA)
- Microsoft Certified: Security Operations Analyst Associate
- Azure Security Engineer Associate