Lead - SOC Analyst

Organizations everywhere struggle under the crushing costs and complexities of “solutions” that promise to simplify their lives. To create a better experience for their customers and employees. To help them grow. Software is a choice that can make or break a business. Create better or worse experiences. Propel or throttle growth. Business software has become a blocker instead of ways to get work done.

There’s another option. Freshworks. With a fresh vision for how the world works.

At Freshworks, we build uncomplicated service software that delivers exceptional customer and employee experiences. Our enterprise-grade solutions are powerful, yet easy to use, and quick to deliver results. Our people-first approach to AI eliminates friction, making employees more effective and organizations more productive. Over 72,000 companies, including Bridgestone, New Balance, Nucor, S&P Global, and Sony Music, trust Freshworks’ customer experience (CX) and employee experience (EX) software to fuel customer loyalty and service efficiency. And, over 4,500 Freshworks employees make this possible, all around the world.

Fresh vision. Real impact. Come build it with us.

We are seeking an experienced and proactive Lead SOC Analyst to join our Security Operations Center team. The ideal candidate will bring deep expertise in SIEM and EDR technologies, strong incident analysis capabilities, and hands-on experience in automating incident response using SOAR platforms, particularly Palo Alto Cortex XSOAR. This role involves leading investigations, refining detection and response processes, and mentoring junior analysts.

Key Responsibilities:

• Lead and manage security incident investigations, ensuring timely containment, eradication, and recovery.
  

• Administer and fine-tune SIEM (e.g., Splunk, QRadar, Sentinel) and EDR platforms (e.g., CrowdStrike, SentinelOne, Carbon Black).
  

• Analyze and triage alerts from multiple sources, correlating events to detect threats and breaches.
  

• Design, develop, and maintain automated playbooks using Cortex XSOAR (Demisto) to streamline response workflows.
  

• Create and update runbooks, documentation, and reporting metrics for incident response activities.
  

• Provide technical guidance and mentorship to SOC analysts.
  

• Conduct regular threat hunting to proactively identify potential compromises.
  
• ​Recommend improvements in security posture based on incident patterns and root cause analysis.Qualif
  

ications5-7 ye

• ars of hands-on experience in a Security Operations Center environment.1-2 ye
  

• ars of experience in Cortex XSOAR (or equivalent) playbook development and SOAR automation.Strong
  

• knowledge of SIEM and EDR platforms, their configuration, log ingestion, tuning, and administration.Profic
  

• iency in analyzing Windows/Linux/Mac/Cloud logs, network traffic, and endpoint telemetry.Solid
  

• understanding of attack vectors, malware behavior, threat actors, and MITRE ATT&CK framework.Experi
  

• ence with scripting languages (e.g., Python, Bash) for automation and enrichment tasks. Pref
  er

red Qualifications:Certif

• ications such as GCIA, GCIH, CEH, CISSP, CySA+, or equivalent.Experi
  

• ence with threat hunting tools and methodologies.Knowle
  

• dge of cloud-native security monitoring (AWS, Azure, GCP). Soft
  

kills:Excell

• ent communication and documentation skills.Strong
  

• analytical thinking and problem-solving abilities.Abilit
  

• y to prioritize tasks under pressure and handle escalations effectively.Leader
  

• ship and mentoring capability in a fast-paced SOC environment. Addi
  ti

onal InformationAt Fre

shworks, we are creating a global workplace that enables everyone to find their true potential, purpose, and passion irrespective of their background, gender, race, sexual orientation, religion and ethnicity. We are committed to providing equal opportunity for all and believe that diversity in the workplace creates a more vibrant, richer work environment that advances the goals of our employees, communities and the business.