Job
Description
Analyst Level 3 Security Operations Centre (SOC) Ways of working Full-time with rotational shifts and mandatory Work from Office Location: Embassy Tesh Village, Bangalore Year of Experience: 5+ years in a SOC or security operations environment, with at least 2 years in a senior or advanced analyst role, About The Team & Role As a Level 3 Security Operations Centre (SOC) Analyst, you will be responsible for identifying, analyzing, and responding to security incidents and threats within an organization's IT infrastructure This senior role demands a high level of expertise in security operations, threat analysis, and incident response You will work closely with other teams, including Level 1 and Level 2 analysts, management, and engineering, to ensure the security of the organization's network and systems Your work will contribute to detecting and mitigating advanced cyber threats, ensuring that the organization remains protected against emerging risks, What will you get to do here Incident Response & Investigation Lead investigations of complex security incidents, including intrusion detection, malware analysis, and vulnerability exploitation, Perform in-depth analysis of security incidents to determine their scope, impact, and method of attack, Take immediate and appropriate action to contain, mitigate, and resolve security threats, Threat Hunting Proactively hunt for hidden threats and vulnerabilities within the organization's systems and networks, Analyze logs and data from multiple sources (e-g , firewalls, intrusion detection systems, antivirus solutions) to identify patterns indicative of malicious activity, Utilize advanced threat intelligence to stay ahead of potential attackers and new attack vectors, Security Monitoring & Analysis Oversee and manage security monitoring tools to detect potential security incidents and vulnerabilities, Analyze alerts and reports generated by various security tools, ensuring accuracy and appropriateness, Ensure the effective operation and tuning of SIEM (Security Information and Event Management) systems, IDS/IPS, and other security technologies, Identify and define new use cases as well as modify existing ones Collaboration & Knowledge Sharing Mentor and provide guidance to junior analysts (Level 1 and Level 2) in incident handling, investigation, and security best practices, Collaborate with IT, network, and engineering teams to resolve security issues and implement proactive security measures, Document incidents and maintain accurate records for reporting and auditing purposes, Reporting & Documentation Generate detailed post-incident reports that include findings, recommendations, and remediation steps, Assist in the development and maintenance of SOC procedures, playbooks, and security policies, Report trends and emerging threats to senior management and stakeholders, Create and maintain standard operating procedures (SOPs), playbooks, and runbooks, Lead root cause analysis and develop lessons learned documentation post-incident Continuous Improvement Stay up to date on the latest cybersecurity threats, trends, and technologies, Contribute to the development and improvement of incident response plans and security protocols, Participate in security training programs to continually enhance skills and capabilities, What qualities are we looking for Education: Bachelor's degree in Computer Science, Information Security, or related field, or equivalent experience, Experience: 5+ years of experience in a SOC or security operations environment, with at least 2 years in a senior or advanced analyst role, Technical Skills: Strong experience with security tools and SaaS Application, including SIEM (Splunk, Sentinel One, QRadar, etc ), IDS/IPS, firewalls, Endpoint Protection, DLP, Active Directory/Azure and vulnerability scanners, Expertise in incident response, digital forensics, and malware analysis, Deep understanding of security frameworks, methodologies, and best practices (NIST, ISO 27001, MITRE ATT&CK, etc ), Knowledge and experience of common operating systems (Windows, Mac, Linux) and networking protocols (TCP/IP, HTTP, DNS, etc ), Advanced understanding of cyber threats and attack vectors, including APTs (Advanced Persistent Threats), ransomware, DDoS, and insider threats, Familiarity with cloud security environments and services (AWS, Azure, GCP), Skills & Abilities: Strong written and verbal communication skills, with the ability to report findings to both technical and non-technical stakeholders, Ability to work well under pressure and manage multiple tasks simultaneously, Relevant certifications such as CISSP, CISM, CEH, GIAC, or similar are a plus, Desired Skills: Experience with threat intelligence platforms and frameworks, Proficiency in scripting or automation (Python, PowerShell, etc ) for threat detection and incident response tasks, Experience with network traffic analysis tools
