Security Operations Center Analyst

___________________________________________________________________________

- PLEASE SAVE WHATSAPP # +91 98114 11414 (Ashima)/ 9315248639 (Nishant)

- Ashima/ Nishant/Shreedevi is your POC from RexOreo Pvt Ltd.

-Queries : All emails will come from id : team@rexoreo.com , so please keep an eye.

_____________________________________________________________________________

Top Selection & Auto Elimination Criteria:

• Only Immediate joiners (0-30 days)

• Candidates Exprienced & Expert in ALL skills mentioned in "Must-Have Technical Skills " below in JDNeed to apply

• Mode : 4 days work from Office , 1 day WFH
• Relevant experiense range 10+ Years
• Position : L3 /L4 SOC Architect / Sr. SIEM Engineer
• Experience : 10-16 years

• Cab facility : No

• EMAIL @ team@rexoreo.com : A VOICE NOTE WHY YOU ARE FIT FOR THIS ROLE

__________________________________________________

Role Overview

SOC Level 3/4 Analyst

Must-Have Technical Skills :

SIEM / SOAR Expertise

• SIEM Engineer• Microsoft Sentinel• FortiSIEM• IBM QRadar• Splunk Enterprise Security• Elastic SIEM• Arcsight
  • Cortex XSOAR• SOAR automation• Playbook development• Parser development • Correlation rule engineering• Log onboarding• Use case development• Log source integration• Custom connector development

Advanced Investigation & Offence Analysis

• Threat investigation and triage• Offence deep analysis• Incident root cause analysis• Threat hunting
  • Behavioral analytics (UBA / EUBA)• MITRE ATT&CK mapping• Kill Chain analysis• Diamond Model investigation • TTP-based detection• Correlation and enrichment analysis• Threat intelligence enrichment • Forensic analysis• Memory and disk analysis• Network packet analysis (PCAP)• Lateral movement detection

Incident Response / Detection Engineering

• Incident response• Detection engineering• Alert tuning• Response playbook automation• Runbook development
  • EDR / XDR integration (CrowdStrike Falcon, SentinelOne, Defender for Endpoint) • IOC extraction• Threat containment automation• DFIR

Analytical / Technical Foundation

• Advanced threat analysis• Log correlation and pattern recognition• Anomaly detection
  • Python for SOC automation• KQL / SPL queries• PowerShell scripting • Data enrichment and contextual analysis• API-based integration• Cloud-native investigation (Azure / AWS)

Cloud / Hybrid Security Knowledge

• Azure Security Center• Microsoft Defender XDR• AWS GuardDuty• Google Chronicle
  • Cloud log ingestion• Hybrid log normalization• Azure Sentinel workbooks and rules

Good-to-Have / Preferred Technical Skills and Keywords :

Architecture & Engineering

• SOC architecture design• SIEM / SOAR architecture• Multi-tenant SOC engineering
  • MSSP environment management• High EPS architecture design• Detection lifecycle management

Automation & AI Integration

• AI-driven threat detection• Machine-learning detection models• Automated playbooks
  • Python-based enrichment automation• Integration with threat intel APIs • Ansible / Power Automate for SOC

Threat Intelligence Integration

• Threat intelligence feed ingestion• MISP / ThreatConnect / Anomali• STIX / TAXII feeds
  • IOC management• Adversary emulation

Governance / Reporting / Communication

• SOC KPI and metrics reporting• Threat posture reporting• Incident summary preparation
  • Compliance reporting (ISO 27001, SOC2, PCI DSS)

Other Required Skills :

Behavioral & Analytical Skills

• Analytical thinking• Hypothesis-driven threat hunting• Pattern recognition
  • Problem solving• Critical thinking• Proactive detection and validation

Communication, Leadership & Delivery

• Client-facing technical workshops• SOC implementation training• Runbook and SOP creation
  • Cross-team coordination (Network, Cloud, ITSM)• Mentoring SOC L1 / L2 teams • Stakeholder communication for SOC deployment

Why Join Us

• Cutting-edge SOC technology exposure
  • Opportunities for advanced detection engineering and automation projects • Collaboration with elite cyber defense teams and global clients