SOC Analyst - Immediate Joiners Only

Key Responsibilities

Leadership & Strategy

• Build and lead a high-performing 24x7 SOC team across L1, L2, L3, and Threat Hunt roles
• Define and continuously improve SOC processes, SLAs, escalation paths, and incident response workflows
• Develop KPIs, dashboards, and SOC maturity models aligned with MITRE ATT&CK, NIST, ISO 27001, and DPDP
• Act as bridge between SOC, GRC, DFIR, Threat Intel, and DevSecOps functions
• Own client relationships for SOC services, including reporting, performance reviews, and escalation handling

Operations & Execution

• Oversee monitoring of SIEM, EDR, NDR, Deception, and custom threat detection tools
• Lead triage and response of real-time incidents, ensuring root cause analysis and containment
• Drive continuous tuning of detection rules, threat intel enrichment, and correlation logic
• Ensure effective onboarding of new clients into the SOC from log ingestion to playbook alignment
• Define and enforce shift schedules, on-call rotations, and team readiness plans

Automation & Optimization

• Push for SOAR implementation, alert deduplication, and playbook automation
• Build operational checklists, SOPs, response templates, and documentation for repeatable excellence
• Collaborate with platform and engineering teams to integrate telemetry from cloud, API, OT, and IT sources

Communication & Reporting

• Prepare weekly, monthly, and executive SOC reports highlighting threat landscape, posture, and gaps
• Drive war-room sessions during major incidents, manage external and internal comms
• Train, mentor, and upskill SOC analysts to evolve into hunters and IR experts

Requirements

• Strong knowledge of SIEM (e.g., Splunk, ELK, QRadar, WAZHU), EDR (CrowdStrike, SentinelOne, etc.), SOAR, and threat intel tools
• Experience with incident response lifecycle, MITRE ATT&CK, threat modelling, and detection engineering
• Deep understanding of networking, log analysis, malware behaviour, and cloud security telemetry
• Familiarity with compliance frameworks: ISO 27001, NIST 800-53/61, SOC 2, DPDP
• Excellent people management and communication skills; ability to lead under pressure
• Experience in a MSSP / multi-tenant SOC environment is a strong plus
• Certifications like GCIA, GCIH, CISSP, CISM, CCSP, or SOC Manager-specific training is highly desirable