Security Architect

Project Role Security Architect

Project Role Description Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills Security Information and Event Management (SIEM)

Good to have skills NA
Minimum 2 year(s) of experience is required

Educational Qualification 15 years full time education
SummaryAs an L1 SOC Analyst you are the first line of defense in monitoring and triaging security alerts. You will work primarily with Splunk SIEM and Sentinal One EDR to identify potential security incidents, validate alerts, and escalate them according to the defined SOPs. You will ensure real-time visibility and log health while flagging suspicious activity promptly. This role is essential to ensuring timely detection and reduce noise from false positives.
Roles & Responsibilities: --Basic Security KnowledgeUnderstanding of key concepts (malware, phishing, brute force, etc.)-SIEM FamiliarityExposure to Splunk UI and understanding how to read/query logs-Exposure to CrowdStrike Falcon ConsoleAbility to view and interpret endpoint alerts-Alert TriageAbility to differentiate between false positives and real threats-Alert Triage & InvestigationExperience investigating escalated alerts using SIEM or EDR-Hands-on experience with CrowdStrike EDR investigations-Ticketing SystemsFamiliarity with platforms like JIRA, ServiceNow, or similar-Basic understanding of cybersecurity fundamentals-Good analytical and triage skills-Basic ScriptingAwareness of PowerShell or Python for log parsing-SOAR ExposureFamiliarity with automated triage workflows-Security CertificationsSecurity+, Microsoft SC-900, or similar certification-Operating System BasicsWindows and Linux process and file system awareness-Monitor real-time alerts and dashboards in Splunk SIEM-Perform initial triage on alerts and determine severity/priority-Escalate validated security incidents to L2 analysts per defined SOPs-Follow pre-defined SOAR playbooks to document or assist in response-Ensure alert enrichment fields are populated (host info, user details, etc.)-Conduct basic log searches to support alert analysis-Perform daily health checks on log sources and ingestion pipelines-Maintain accurate ticket documentation for each alert handled-Participate in shift handovers and team sync-ups for awareness Professional & Technical Skills:

-SIEMBasic log searching, correlation rule awareness-SOARFamiliarity with playbook execution--Security ConceptsBasic understanding of malware, phishing, brute force-ToolsSentinal One EDR, Splunk SIEM
Additional Information:

The candidate should have minimum 2 years of experience in Security Information and Event Management (SIEM).

This position is based at our Gurugram office.

A 15 years full time education is required.
 Qualification 15 years full time education