Security Operations Center Analyst

About Client:

Our Client is a global IT services company headquartered in Southborough, Massachusetts, USA. Founded in 1996, with a revenue of $1.8B, with 35,000+ associates worldwide, specializes in digital engineering, and IT services company helping clients modernize their technology infrastructure, adopt cloud and AI solutions, and accelerate innovation. It partners with major firms in banking, healthcare, telecom, and media.

Our Client is known for combining deep industry expertise with agile development practices, enabling scalable and cost-effective digital transformation. The company operates in over 50 locations across more than 25 countries, has delivery centers in Asia, Europe, and North America and is backed by Baring Private Equity Asia.

Job Title: SOC Lead – L3 Support

Key Skills: SOC L3 Analyst, SOC Analyst, Shift Incident Manager, Cyber Security Operations, SIEM

Job Locations: Noida

Experience: 7 - 9 Years

Budget: 9 - 13

Education Qualification: Any Graduation

The SOC L3 Analyst cum Shift Incident Manager plays a dual role: as a senior technical expert, handling complex security incidents and as the shift lead responsible for managing SOC operations during their assigned shift. This role is critical in ensuring 24x7 incident response, operational continuity, and escalation governance.

l Investigate and resolve escalated security incidents from L1 and L2 analysts.

l Perform deep-dive forensic analysis, triage, and root cause analysis (RCA) for critical and high-severity incidents

l Monitor the health and performance of SIEM infrastructure and security sensors.

l Tune and manage SIEM rules, correlation logic, and detection use cases.

l Coordinate with OEM vendors for platform issues or advanced threat resolution

l Act as the Incident Manager for the shift, overseeing all incident response activities and ensuring SLA adherence

l Lead shift handover meetings and maintain continuity across shifts.

l Assign tasks to L1/L2 analysts and ensure proper documentation in ITSM tools (e.g., ServiceNow)

l Escalate unresolved or critical issues to the SOC Manager or CDC Head as needed

l Maintain shift logs, incident metrics, and RCA documentation.

l Participate in governance forums and lessons learned reviews

l Provide feedback on detection quality, false positives, and tuning opportunities.

l Guide L1 and L2 analysts during investigations and response activities.

l Conduct training sessions and contribute to skill development plans

l Review and refine incident response procedures and playbooks.

l Collaborate with SIEM Engineers, SOAR Developers, and Content Writers to enhance detection and automation workflows

l Coordinate with DLP, EDR, and Email Security SMEs for multi-vector incident resolution

praneeth.n@people-prime.com