Job
Description
Job Title: Lead SOC Analyst (L3) Experience Required: • Minimum 9 years of relevant experience with BCA/BSc-IT • Or minimum 7 years of relevant experience with B.E./B.Tech/MCA Educational & Certification Requirements: • Bachelor’s or Master’s degree in Information Technology, Computer Science, or equivalent • Mandatory Certifications: CEH and/or CHFI • At least one additional relevant security certification (e.g., CISSP, CISM, GCIA, GCIH, etc.) ________________________________________ Key Responsibilities: • Supervise and review all L3 SOC activities, ensuring quality and timely execution. • Identify and automate repetitive/mundane tasks to improve operational efficiency. • Conduct threat modelling for company assets and define precise use cases for threat detection. • Improve threat hunting capabilities using advanced tools and techniques. • Develop and optimize content for security detection, including tuning to reduce false positives. • Lead and manage incident response activities and continuously enhance incident response plans. • Ensure real-time synchronization between DC and DR environments. • Participate in Disaster Recovery (DR) drills, cyber drills, and tabletop exercises. • Perform detailed analysis of Windows and Linux log events, and optimize queries, dashboards, and reports. • Ensure log ingestion from various sources and implement incident/vulnerability automation via SOAR platforms. • Analyze threat intelligence feeds, derive actionable insights, and define relevant detection use cases. • Review and maintain Standard Operating Procedures (SOPs), including version and change control. • Oversee vulnerability management, including remediation, patching, and version upgrades. • Generate and share SOC performance metrics and management-level reports. • Provide support during forensic investigations and advanced threat hunting engagements. • Continuously assess technology maturity against global standards and fine-tune configurations and policies. • Develop and manage technology roadmaps and enhancement plans, ensuring timely delivery of improvements. • Provide on-the-job training and mentorship to internal SOC team members. • Handle all escalations for L1, L2, and L3 teams effectively. • Prepare and deliver presentations on current SOC capabilities, use cases, automation initiatives, and roadmap planning. • Demonstrate strong proficiency in Microsoft Word, Excel, and PowerPoint for documentation and reporting. ________________________________________ Key Skills: • Deep expertise in log analysis, incident response, threat hunting, and threat intelligence • Hands-on experience with SIEM, SOAR, and other SOC technologies (ArcSight) • Strong understanding of Windows and Linux log sources • Experience managing cross-functional SOC teams and overseeing operational escalations • Excellent communication and documentation skills
