Security Operations Center Lead

Job Description

Hello Sacumen is Hiring for Immediate SOC Professionals with diversified experience (L2: 3-6 Yrs) & (Lead: 8 - 10 Yrs) for its Bangalore Location (Koramangala) Please find below JD for your reference. Job Description: SOC s Lead MDR Analysist Experience: 8 - 10 Years Industry: Cybersecurity / IT Services Employment Type: Full time Employment Work Location: Work from office, Bangalore Shift: 24x7 support as Rotating Shifts Role Overview: We are looking for an experienced and proactive MDR Analyst Level 2 to serve as an escalation point for Level 1 analysts and assist in deeper investigation, analysis, and containment of security incidents. The ideal candidate should have solid experience in security monitoring, threat detection, and incident response in a fast-paced environment. Key Responsibilities: Review, validate, and investigate alerts escalated by L1, L2, and Lead analysts. Conduct in-depth analysis of suspicious activities using SIEM, EDR, NDR, and other security tools. Identify and respond to confirmed incidents, executing containment and remediation actions when required. Develop and refine incident response playbooks and detection logic. Collaborate with internal stakeholders and clients to provide context, mitigation steps, and post-incident reports. Perform threat hunting activities to proactively identify indicators of compromise (IOCs). Conduct root cause analysis and suggest improvements in detection and prevention mechanisms. Mentor and guide L1 analysts and assist with their training and development. Maintain documentation of investigations, escalations, and lessons learned. Required Skills and Qualifications: Bachelor's degree in Cybersecurity, Computer Science, or related field (or equivalent work experience). 8 - 10 years of experience in a SOC/MDR environment. Strong understanding of security frameworks and attack methodologies (e.g., MITRE ATT&CK, Kill Chain). Hands-on experience with SIEM platforms (e.g., Splunk, Sentinel, QRadar) and EDR solutions (e.g., CrowdStrike, Carbon Black, SentinelOne). Hands on working experience with Cloud security related alerts (AWS,Azure,Google cloud,etc.) Familiarity with scripting or automation tools (e.g., Python, PowerShell, SOAR platforms) is a plus. Solid understanding of network protocols, operating systems (Windows, Linux), and log analysis. Strong analytical and communication skills. Ability to work under pressure and handle multiple tasks simultaneously. Page 1 of 2