66 SOC Analyst Jobs


5.0 - 7.0 years | 7 - 9 Lacs | Hyderabad | Work from Office

Job Title: L2 SOC Analyst
Experience: 5 to 7 years
Location: Trivandrum, Kochi, Chennai, Bangalore, Hyderabad
Company: CyberProof, A UST Company

Key Roles & Responsibilities
- Resolve, escalate, report, and raise recommendations for resolving and remediating security incidents
- Handle the advanced monitoring of system logs, SIEM tools, and network traffic for unusual or suspicious activity
- Set up SIEM solutions and troubleshoot connectivity issues
- Investigate and resolve security violations, providing post-mortem analysis to illuminate issues and possible solutions
- Collate security incident and event data to produce monthly exception and management reports
- Report unresolved network security exposure, misuse of resources, or noncompliance situations using defined escalation processes
- Assist and train team members in the use of security tools, the preparation of security reports, and the resolution of security issues
- Develop and maintain documentation for security systems and procedures
- Recommend, schedule, and apply fixes, security patches, and any other measures required in the event of a security breach

Experience & Qualifications Required
- Minimum 3+ years of experience as an Analyst working as part of a SOC team
- Experience with SIEM vendors such as Sentinel, QRadar, ArcSight, RSA, and LogRhythm on the IT infrastructure side, and Nozomi experience on the OT side
- Experience in incident response and in writing procedures, runbooks and playbooks
- Ability to work with the customer's IT and security teams

Posted 4 days ago

4.0 - 11.0 years | 10 - 11 Lacs | Gurugram | Work from Office

24x7 CyberSOC support to customer.

Responsibilities
- Plan, implement, configure, and migrate market-leading cyber security solutions (QRadar, Sentinel, Arbor, Qualys etc.)
- Creation and implementation of new SIEM use cases (correlation rules), fine tuning, DDoS managed objects, Qualys solution
- Configuration, onboarding, and parsing of new log sources in the SIEM solution; creation of new managed objects (MO) and definition of thresholds in the DDoS solution; malware analysis, mail analysis, Qualys scanning etc.
- Classification and investigation of alarms from different threat detection platforms and provision of the processed results to our customers
- Assessment of the effects of an attack, taking initial measures and making concrete recommendations for action; improvement of response plans and incident playbooks
- Anomaly and attack pattern detection at all stages of the cyber kill chain
- Tool-based and manual threat hunting to detect attacks after zero-day exploits or vulnerabilities with a potentially severe impact on customer environments become known
- Creation of security reports based on the security incidents within the reporting period
- Creation of reports and dashboards
- Ensure adherence to and implementation of best incident response procedures as well as internal and industry standards
- Participation in on-call duty to ensure incident response even outside of business hours

Education, qualifications, and certifications
- Degree / Diploma holders with cybersecurity knowledge
- Excellent verbal & written communication skills in English

Mandatory skill set
- Good hands-on experience on SIEM tools like QRadar, Sentinel
- Knowledge of Microsoft Defender
- Knowledge of DDoS service & mitigation methodology
- Experience in incident handling & response
- Certification in IBM QRadar SOC Analyst/Administrator, SC-200

Secondary skill set
- Knowledge of Python or any scripting language
- Malware investigation and reporting
- Forensic investigation of SPAM / phishing email incidents
- Knowledge of Qualys, CrowdStrike will be an added advantage

Posted 1 week ago

2.0 - 7.0 years | 10 - 11 Lacs | Gurugram | Work from Office

24x7 CyberSOC support to customer.

Responsibilities
- Plan, implement, configure, and migrate market-leading cyber security solutions (QRadar, Sentinel, Arbor, Qualys etc.)
- Creation and implementation of new SIEM use cases (correlation rules), fine tuning, DDoS managed objects, Qualys solution
- Configuration, onboarding, and parsing of new log sources in the SIEM solution; creation of new managed objects (MO) and definition of thresholds in the DDoS solution; malware analysis, mail analysis, Qualys scanning etc.
- Classification and investigation of alarms from different threat detection platforms and provision of the processed results to our customers
- Assessment of the effects of an attack, taking initial measures and making concrete recommendations for action; improvement of response plans and incident playbooks
- Anomaly and attack pattern detection at all stages of the cyber kill chain
- Tool-based and manual threat hunting to detect attacks after zero-day exploits or vulnerabilities with a potentially severe impact on customer environments become known
- Creation of security reports based on the security incidents within the reporting period
- Creation of reports and dashboards
- Ensure adherence to and implementation of best incident response procedures as well as internal and industry standards
- Participation in on-call duty to ensure incident response even outside of business hours

Education, qualifications, and certifications
- Degree / Diploma holders with cybersecurity knowledge
- Excellent verbal & written communication skills in English

Mandatory skill set
- Good hands-on experience on SIEM tools like QRadar, Sentinel
- Knowledge of Microsoft Defender
- Knowledge of DDoS service & mitigation methodology
- Experience in incident handling & response
- Certification in IBM QRadar SOC Analyst/Administrator, SC-200

Secondary skill set
- Knowledge of Python or any scripting language
- Malware investigation and reporting
- Forensic investigation of SPAM / phishing email incidents
- Knowledge of Qualys, CrowdStrike will be an added advantage

Posted 1 week ago

1.0 - 2.0 years | 3 - 6 Lacs | Ahmedabad | Work from Office

SharkStriker is looking for a SOC Analyst to join our dynamic team and embark on a rewarding career journey.
- Monitor and analyze security alerts and incidents
- Respond to threats and escalate as necessary
- Conduct threat hunting and vulnerability assessments
- Document findings and support compliance efforts

Posted 1 week ago

2.0 - 4.0 years | 4 - 6 Lacs | Thiruvananthapuram | Work from Office

Experience: 2 to 4 years
Location: Bangalore / Hyderabad / Chennai / Kochi / Trivandrum

The primary role of a SOC Level 1 Analyst is to serve as the frontline defense, managing first triage and ranking of security cases, and initiating the threat detection and response processes for client-related security events. The Analyst is integral to the MDR, working collaboratively with other teams to ensure high quality of service, and will be given opportunities for professional growth in cybersecurity. The position entails conducting inquiry procedures as dictated by CyberProof methodology and contributing insights on the case investigation and detection quality.

Principal Duties:
- Quickly respond to and classify all incoming security cases, ensuring that incidents are appropriately escalated to the right analyst within the predefined SLA period during the Analyst's shift
- Conduct the first triage investigations into the assigned cases using a blended approach based on tools integrated into the SOAR platform, and document all collected evidence and conclusions
- At the shift's commencement, diligently review all new information in the SOAR, the Teams channel, the shared mailbox, and any other designated communication mediums to ensure readiness to continue or start the case investigation and address client queries
- Facilitate a smooth handoff to the next team at the end of the shift, ensuring continuous and seamless security monitoring
- Remain alert to any procedural inconsistencies or issues and proactively report these to the team leader or upper analytical layer (L2) for resolution or consultation
- Should uncertainty or complex issues arise, elevate the matter promptly to a senior L1 Analyst or Shift and Technical Leads before resorting to the L2 team
- Support the Lead Analysts and the L2 team in the extraction and compilation of data needed for the preparation of Weekly, Monthly, and Quarterly Business Review (QBR) documentation

Skills and qualifications:
- At least 2 years of experience as a security analyst
- Proficient in investigating alerts related to phishing, malware, and similar threats
- Solid understanding of computer security and networking concepts
- Experience with Splunk SIEM
- Knowledgeable about endpoint protection tools
- Skilled in analyzing network traffic, interpreting logs, and examining packet captures
- Strong critical thinking and analytical abilities
- Excellent written and verbal communication skills
- Experience managing and analyzing alerts from security tools is a plus
- Familiarity with cloud solutions is advantageous
- Relevant certifications are a plus

Posted 1 week ago

5.0 - 9.0 years | 0 Lacs | Ernakulam, Kerala | On-site

As the Lead Security Analyst, you will be responsible for overseeing the monitoring and analysis of security alerts and events from various sources to detect and address potential security incidents efficiently. Your role will involve providing mentorship and guidance to junior analysts to foster their professional growth. Conducting thorough analysis of security incidents, evaluating their implications, and coordinating efforts across different teams for effective resolution will be a key aspect of your responsibilities. You will be expected to develop and implement advanced detection rules, use cases, and correlation logic to improve the accuracy of security monitoring. Collaboration with threat intelligence teams to remain updated on the latest threats, tactics, techniques, and procedures (TTPs) is essential. Leading incident response activities, ensuring prompt and comprehensive actions to mitigate security incidents, will be crucial in this role. Participation in post-incident reviews and analysis to identify root causes and areas for enhancement is required. Additionally, contributing to the continuous improvement of Security Operations Center (SOC) processes, procedures, and toolsets is a key responsibility. Staying abreast of emerging security technologies and industry trends to provide recommendations for tool upgrades and process enhancements is also part of your role. Furthermore, you will assist in creating and maintaining comprehensive documentation related to security incidents, procedures, and findings. Reviewing incidents escalated by Level 1 analysts and collaborating with internal customers to address their security-related issues are among the duties you will perform. You should be prepared to work in a 24/7 rotational shift model, including night shifts, and conduct forensic investigations when necessary. 
It is considered advantageous to have strong expertise in security monitoring tools and technologies such as SIEM, firewalls, IDS/IPS, EDR, and threat intelligence platforms. An in-depth understanding of network protocols, firewall technologies, endpoint security, and cloud security is beneficial. Proficiency in recognizing successful intrusions and compromises, leading security incident response efforts, and possessing excellent analytical and problem-solving skills are desired qualities. Moreover, exceptional communication and interpersonal skills are essential for effective collaboration with both technical and non-technical stakeholders. Possession of relevant certifications such as CISSP, CISM, CISA, GIAC Certified Incident Handler, CEH, CCSP, or SOC Analyst is highly desirable for this role. A minimum qualification of a Bachelor's degree in Computer Science, Information Security, or a related field is preferred for applicants.

Posted 2 weeks ago

3.0 - 7.0 years | 4 - 8 Lacs | Kolkata, Mumbai, New Delhi | Work from Office

Requirements:
- Bachelor's degree
- 3-7 years of experience working in security operations and incident response; L2/L3 resource preferable
- A passion for, and deep understanding of, vulnerability and threat management
- In-house SOC team member (preferable)
- Expert networking protocol knowledge
- Able to demonstrate an understanding of current offensive / defensive computing and forensics
- Able to provide threat intel services
- Prior experience detecting, analyzing and/or responding to security incidents
- Demonstrated ability to analyze and correlate information from a wide variety of enterprise technologies
- Good communication skills within the team and with end users
- Hands-on experience with common security technologies (IDS, firewall, Rapid7, etc.)
- Understanding of common security threats, attack vectors, vulnerabilities, and exploits
- Shift work, with flexibility to cover both day and nighttime shifts; 24/7 monitoring capability
- Able to work independently, with vendors, and drive the calls whenever required
- Continuous surveillance of networks, systems, and endpoints (antivirus)
- Use of SIEM (Security Information and Event Management) tools; incident detection and response; threat hunting
- Knowledge of how to set up policies and controls in the security tool sets
- Providing weekly/monthly reports to upper management
- Certifications (optional but preferred)

RESPONSIBILITIES:
- Provide incident response as part of the 24x7 Security Operations Center
- Manage the security vulnerabilities and risks across WB, including identifying and supporting application/system owners to manage risks and remediate vulnerabilities
- Work closely with both business-oriented executives and technology-oriented personnel to ensure adequate processes are in place and actions are being taken to mitigate identified risks proactively
- Develop strategies to identify, manage, and mitigate identified threats and vulnerabilities to attain the desired risk profile, and communicate strategies to key stakeholders
- Produce and regularly evaluate all TVM (Threat and Vulnerability Management) program and process related documentation
- Ensure effective and complete scanning of the test, corporate and production environments
- Create projects within the tool and monitor progress, with regular follow-ups with the patching team and application & server owners
- Monitor events & alerts from a multitude of technologies to detect malicious activity
- Perform detailed analysis using a variety of tools and techniques to investigate, navigate, correlate, and fully understand security incidents from the data available
- Conduct initial triage of security events and incidents
- Facilitate communication within the SOC and document progress throughout the incident response lifecycle
- Recognize potential, successful, and unsuccessful intrusion attempts and compromises through reviews and correlation with different security tools
- Proper escalation and hand-off of security incidents for containment and remediation
- Tune rules, filters, and policies for detection-related security technologies to improve accuracy and visibility
- Join calls with vendors and other teams to discuss issues, gather their requirements, and deliver them in the form of projects

Posted 2 weeks ago

2.0 - 7.0 years | 4 - 9 Lacs | Mumbai | Work from Office

Job Title: Security Operations Center (SOC) Analyst
Location: India, Mumbai
Department: Trust, Security

Position Summary
We are seeking a detail-oriented and proactive SOC Analyst to join our cybersecurity team. This role is critical in monitoring, detecting, analyzing, and responding to cybersecurity incidents in a 24/7 environment. The ideal candidate will have a strong understanding of security operations, threat landscapes, and incident response protocols and will be able to act in an empowered manner in a complex environment.

Key Responsibilities
- Monitor security alerts and events using SIEM and other security tools
- Investigate and analyze security incidents to determine root cause, scope, and impact
- Escalate and coordinate incident response activities with internal teams and external partners
- Maintain and improve detection rules, playbooks, and response procedures
- Conduct threat hunting and proactive analysis to identify potential vulnerabilities or threats
- Collaborate with IT, compliance, and risk teams to ensure alignment with security policies and standards
- Document incidents, findings, and lessons learned in a clear and structured manner

Qualifications
- Bachelor's degree in Computer Science, Information Security, or a related field
- 2+ years of experience in a SOC or cybersecurity operations role
- Hands-on experience with Microsoft Defender and Microsoft Sentinel is required
- Familiarity with SIEM platforms, IDS/IPS, firewalls, and endpoint protection
- Strong analytical and problem-solving skills
- Excellent communication and documentation abilities
- Relevant certifications (e.g., CompTIA Security+, CEH, GCIH) are a plus

Preferred Attributes
- Experience with cloud security monitoring (e.g., Azure, AWS)
- Python scripting experience and/or API scripting experience
- Knowledge of the MITRE ATT&CK framework and threat intelligence platforms
- Ability to work in a fast-paced, high-pressure environment with rotating shifts

Posted 2 weeks ago

3.0 - 7.0 years | 0 Lacs | Karnataka | On-site

You will be responsible for monitoring cyber security operations for our global customers as part of a 24x7x365 operations team, with minimal supervision from the Team Lead. Your role will involve mentoring junior team members, responding to low and medium complexity incidents independently, and assisting the Team Lead in supervisory activities to ensure a high-performance organization. Your primary outcomes will include mentoring junior team members to help them achieve their full potential, responding to incidents within defined SLAs, and ensuring that cyber security alerts are effectively managed by the team. You will also be responsible for training and motivating the team to follow documented playbooks, ensuring quality of service, and reviewing and recommending updates to playbooks and Use Cases. Adherence to SOC processes and Information Security policies will be critical aspects of your role. Key measures of your performance will include innovation demonstrated through case studies, team adherence to SLAs, productivity in addressing incidents, quality of ticket resolution, adherence to processes during audits, and evidence of skill development through training and certifications. Your main responsibilities will include cyber security monitoring in alignment with the Playbook, incident management through analysis and resolution, communication and escalation as per defined processes, and documentation to maintain audit trails. You will also assist the team lead in promoting continuous learning, delivering innovations, and mentoring junior team members. Additionally, you will be involved in generating required reports, management information, and analytics. Other responsibilities will include performing housekeeping tasks, conducting quality checks and reviews, standing in for the team lead when required, and assisting in achieving near-zero false positives. 
To excel in this role, you should possess high proficiency in CDC, SIEM, and other relevant tools, the ability to recommend playbook improvements and process enhancements, strong problem-solving and analytical skills, excellent communication skills, a commitment to continuous learning, and the flexibility to work in rotating shifts and be on-call outside of regular hours. Personal and professional integrity will be essential, and background checks may be required. Ideal candidates will have 3 to 5 years of experience in SOC operations, a degree in Cyber Security or a related field, proficiency in cybersecurity incident management, and knowledge of enterprise IT infrastructure, ISMS principles, and relevant frameworks. Additional training or certifications in ethical hacking tools and cyber security frameworks would be desirable. As a SOC analyst, you will play a crucial role in maintaining the cyber security posture of our organization and ensuring the effective monitoring and management of security incidents. Your strong communication skills and commitment to security operations will be key assets in this role.

Posted 2 weeks ago

5.0 - 10.0 years | 12 - 18 Lacs | Mumbai | Work from Office

- Monitor and analyze security events and alerts across various platforms (SIEM, EDR, IDS/IPS, etc.)
- Investigate potential security incidents and escalate as appropriate, following defined incident response processes
- Correlate events from multiple sources to identify patterns or anomalies
- Perform advanced analysis of cyber threats, malware, phishing, and other attack vectors
- Lead and participate in threat hunting activities to proactively identify potential threats and vulnerabilities
- Serve as the administrator for SOC tools including SIEM, EDR, SOAR, and threat intelligence platforms
- Manage integration of log sources, data onboarding, and normalization across tools

Posted 3 weeks ago

2.0 - 4.0 years | 4 - 6 Lacs | Mumbai | Work from Office

Job Description
Role: SOC Analyst
Exp: 2 to 4 Years
Job Location: Mumbai (Powai - Hiranandani)
5 days working, Work From Office role

Core duties and responsibilities:
- Security Monitoring: Continuously monitor security alerts, logs, and other data sources using tools like SIEM (Security Information and Event Management) systems, IDS/IPS, firewalls, and endpoint security solutions to detect suspicious activities
- Incident Detection and Response: Identify and categorize security incidents (e.g., malware infections, data breaches), investigate their root cause, contain the threat (e.g., isolating affected systems), and mitigate the impact
- Alert Triage: Assess alerts generated by security tools, prioritizing them based on severity and urgency to focus on the most critical threats
- Threat Hunting: Proactively search for potential security threats that may evade automated tools, analyzing logs, traffic patterns, and other data for anomalies
- Reporting and Documentation: Create detailed reports on security incidents, investigations, and response actions for management and other stakeholders, ensuring compliance with relevant regulations
- Security Tool Management: Manage and operate security technologies, ensuring they are updated and functioning correctly
- Threat Intelligence: Stay updated on the latest cybersecurity threats, vulnerabilities, and attack techniques through threat intelligence sources and research
- Collaboration: Work closely with other security professionals (e.g., incident responders, threat hunters) and IT teams to investigate and resolve security issues

Posted 3 weeks ago

2.0 - 7.0 years | 4 - 9 Lacs | Bengaluru | Hybrid

Job Title: SOC Analyst - Japanese Language (JLPT N4)
Location: Bangalore (Hybrid Mode)
Experience Required: 1.6 to 10 years
Work Mode: Hybrid
Client Location: Bangalore

Job Description
We are looking for a highly motivated SOC Analyst with Japanese language proficiency (JLPT N4) to join our client's Information Security team. The ideal candidate will have strong technical expertise in cyber security operations, incident response, and threat detection, along with experience in a global, complex, and matrix-managed organization.

Roles & Responsibilities
- Perform cyber security threat detection, assessment, and mitigation efforts
- Support compliance inquiries (IT Risk Management, internal & external audits), ensuring documentation aligns with information security policies
- Identify, evaluate, and monitor continuous threats that may impact business operations
- Create and manage security use cases, dashboards, and alerts using Splunk
- Research and adopt industry best practices and standards for SIEM and SOAR platforms
- Provide guidance to junior team members on incident handling and security operations
- Collaborate with cross-functional teams to strengthen incident response and forensic investigations

Required Skills & Experience
- 3-5 years overall experience in global, complex, and matrix-managed organizations
- Minimum 2 years' hands-on experience in: cyber security operations / information security; incident response and forensic investigation; threat and vulnerability management
- Knowledge in the following domains: IT security, incident handling, exploit analysis, threat intelligence, digital forensic methods
- Hands-on experience with tools/technologies: Splunk, Phantom, Python, CrowdStrike, Tanium, Defender, SOAR, AWS, forensic security tools
- Strong analytical and problem-solving skills in handling security incidents

Language Requirement
- Japanese Language Proficiency: JLPT N4 (mandatory)

Key Skills: SOC Analyst, Cyber Security, Incident Response, Threat Detection, Vulnerability Management, SIEM, SOAR, Splunk, Phantom, Python, CrowdStrike, Tanium, Defender, AWS, Forensic Security, Japanese Language N4

Kindly share your resume at shivani.sajwan.sc@nttdata.com

Posted 3 weeks ago

1.0 - 3.0 years | 4 - 8 Lacs | Bengaluru | Remote

SOC Analyst

Job Summary:
We are seeking a highly motivated and detail-oriented SOC Analyst to join our Security Operations Center (SOC). The SOC Analyst will be responsible for monitoring, analyzing, and responding to cybersecurity incidents using a variety of tools and techniques. This role is essential in identifying threats, mitigating attacks, and ensuring the overall security posture of the organization.

This position also offers opportunities to participate in broader cybersecurity initiatives. Motivated individuals may have the chance to expand their skill sets and take on additional cybersecurity projects or responsibilities as assigned.

Key Responsibilities:
• Monitor security alerts and events from various security tools (SIEM, IDS/IPS, EDR, etc.)
• Analyze network traffic, logs, and system data to detect anomalies and potential threats
• Investigate and respond to security incidents, escalating as necessary
• Perform initial triage of alerts to determine severity and potential impact
• Document incidents, findings, and remediation steps in ticketing systems
• Collaborate with IT teams to implement and improve incident response procedures
• Stay up to date with current threat trends, vulnerabilities, and threat intelligence feeds
• Participate in threat hunting and vulnerability scanning activities
• Assist in the creation of SOC playbooks, standard operating procedures (SOPs), and reports
• Contribute to additional cybersecurity projects and tasks as assigned

Required Qualifications:
• Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field, or industry-recognized certification(s) (e.g., Security+, GSEC, CEH, etc.)
• 1-3 years of experience in a cybersecurity or IT security role
• Knowledge of cybersecurity fundamentals, including malware, attack vectors, and threat mitigation
• Experience with Security Information and Event Management (SIEM) platforms (e.g., Splunk, QRadar, LogRhythm)
• Understanding of TCP/IP, the OSI model, firewalls, and network protocols
• Strong analytical and problem-solving skills
• Excellent written and verbal communication skills

Preferred Qualifications (Nice to Have):
• Experience with scripting or automation (e.g., Python, PowerShell)
• Familiarity with cloud architecture and security tools (AWS, Azure, GCP)
• Strong understanding of Identity and Access Management (IAM) principles and implementation
• Experience in threat hunting and digital forensics

Posted 3 weeks ago

5.0 - 12.0 years | 4 - 8 Lacs | Bengaluru, Karnataka, India | On-site

Job Title: Senior Security SOC Analyst
Location: Bengaluru, Chennai
Experience: 5+ years
Skills: SIEM, LogRhythm

ESSENTIAL DUTIES AND RESPONSIBILITIES:
- Implement and perform service delivery of the Security Operations Center
- Conduct and lead incident response activities (triage, root cause analysis, escalations, notifications, communication, etc.) resulting from information security incidents, consistent with incident response processes and procedures
- Perform in-depth data analysis on various data and media types through the application of advanced methods, tools, and research techniques
- Respond to, report on, and track security events reported to the SIEM, system and event logs, and other sources which require further analysis
- Facilitate and lead meetings or discussions pertaining to security issues or potential threats to determine necessary or improved defensive measures or response actions
- Provide SME leadership throughout the incident response lifecycle
- Establish and leverage external relationships to obtain cyber and InfoSec threat information with context for how it impacts MFX and its clients
- Monitor internal and external threats; examine logs, events, and alerts generated by multiple platforms for anomalous activity, evidence of security incidents, and other error conditions that may constitute a breach in security or a degradation of integrity or confidentiality of our systems and data
- Provide forensic support as needed or required for security incidents, potential or adjudicated
- Provide mentorship and technical guidance to less experienced security analysts
- Provide input, trends or analytical support to discover anomalous traffic, behaviors or patterns related to new threat activity, policy violations, etc.
- Leverage scripting skills to develop tools for the automation of security processes using Python, Perl, Bash, and PowerShell
- Work with a wide variety of security tools, both network and system based, as needed
- Participate in internal projects and initiatives, researching and recommending appropriate security solutions
- Document processes, policies, reports and procedures as required

Knowledge and Skills:
The successful candidate will have a proven track record of 6-8 years in information security derived from an all-round Information Technology background and SOC/SIEM experience, and possess a combination of the following skills and competencies:
- Good working knowledge of Windows operating systems, Linux, networking, LogRhythm, RSA NetWitness, troubleshooting, and security strategies
- Solid understanding of additional security technologies / disciplines such as EDR, Palo Alto and Juniper firewalls, intrusion prevention, encryption, threat analysis, and vulnerability assessment
- Comfortable with managing complex, enterprise-scale logging, including ensuring reporting and alerting is appropriate
- Strong analytical, documentation, and communication skills, both oral and written
- Good team working skills and ability to work in a distributed global team environment
- Strong analytical and problem-solving skills
- Self-motivated, proactive and with determination to achieve goals
- Proven business skills including effective oral and written communication, issue resolution, project management, and self-motivation
- Experience with industry recognized SIEM solutions such as LogRhythm, Azure Sentinel
- Relevant security certifications such as CEH, GIAC, GSEC, CISSP

Technical Skills:
- Exposure to SIEM alert monitoring and management for multiple SIEM products
- Working knowledge of at least 3 of the following technologies:
  o SIEM tools, preferably LogRhythm, Azure Sentinel
  o Nessus vulnerability assessment
  o EDR, EPP, network security, cloud security, DLP, encryption, proxy
- Understanding of alerts from other monitoring systems, e.g. DLP, WAF, Anti-APT, DAM etc.
- Excellent knowledge of intrusion detection (deep TCP/IP knowledge and cyber security), various operating systems (Windows/UNIX), and web technologies (focusing on Internet security)
- Ability to read and understand packet-level data
- Intrusion detection and prevention and network security products (IDS/IPS, firewalls, etc.)
- Host security products (HIPS, AV, scanners, etc.)
- Knowledge of cutting-edge threats and technologies affecting web application vulnerabilities and recent internet threats

Posted 4 weeks ago

4.0 - 8.0 years

0 Lacs

hyderabad, telangana

On-site

You will be joining Marvell as a CyberSecurity Analyst, where you will play a crucial role in identifying and responding to threats against Marvell data and systems. As part of the Security Operations Center (SOC), your responsibilities will include providing primary triage, analysis, and operational support for security events and alerts. You will utilize various security analytics tools, log aggregators, and threat intelligence repositories to perform correlation and investigate security incidents. Your role will involve real-time incident handling, intrusion correlation, threat analysis, and system remediation to support deployable Incident Response. Additionally, you will participate in analyzing the nature of attacks, conducting root cause analysis of incidents, and monitoring external data sources proactively to identify potential security issues that may impact the enterprise. Furthermore, you will document and publish incident findings, techniques, and reports to relevant stakeholders within Marvell. You will also contribute to improvement tasks such as false positive reduction and use case refinement, while effectively communicating both verbally and in writing updates on alerts and incidents. To be successful in this role, you should have at least 4 years of experience as a SOC Analyst, preferably in a large enterprise environment. You must possess strong communication skills and the ability to tailor your message to various audiences, ranging from technical subject matter experts to company executives. A deep understanding of MITRE ATT&CK framework, proficiency in technical writing, and the ability to solve problems in ambiguous situations are essential. Moreover, you should have experience working with technologies such as IDS/IPS, NGFW, EDR, SIEM, HIDS/HIPS, AV, and Vulnerability Scanners. 
Industry security certifications like C|EH and relevant GIAC certifications are highly desirable, along with experience in IT service management and infrastructure operations in an enterprise-level organization. Marvell offers competitive compensation and benefits, fostering an environment of collaboration, transparency, and inclusivity. You will have access to resources and support to succeed in impactful work and opportunities for growth and development within the company. To learn more about working at Marvell, you can visit our Careers page.

Posted 1 month ago

1.0 - 5.0 years

0 Lacs

karnataka

On-site

Choosing Capgemini means choosing a company where you will be empowered to shape your career in the way you'd like, where you'll be supported and inspired by a collaborative community of colleagues around the world, and where you'll be able to reimagine what's possible. Join us and help the world's leading organizations unlock the value of technology and build a more sustainable, more inclusive world.

Analyzing cyber threat data from multiple sources including open-source intelligence (OSINT), internal network logs, threat feeds, and commercial threat intelligence platforms is a key responsibility. You will perform the intelligence capitalization within the Group-owned Threat Intelligence Platform and leverage Threat Intelligence Platforms, SIEM tools, and other security technologies to automate the collection, analysis, and dissemination of threat intelligence. Utilizing threat modeling techniques to anticipate and prioritize potential risks based on evolving cyber threat trends will be part of your role. You will assist with risk assessments, vulnerability management, and penetration testing efforts by providing insights into possible threat actor targeting and attack vectors. Investigating Indicators of Compromise (IOCs), Tactics, Techniques, and Procedures (TTPs), and malware samples to identify emerging threats and vulnerabilities is a critical aspect of the job. Correlating threat data with internal logs, threat intelligence platforms, and external sources to build comprehensive threat profiles is also part of your responsibilities. Providing technical threat intelligence support during active security incidents, assisting in the identification of malicious activity, threat actor attribution, and incident containment will be required. Working closely with the Incident Response & Threat Hunting team to analyze and track threat actors, their tactics, and attack methods is essential.

You will participate in Proofs of Concept for the tools used or expected by the Team and regularly review their relevance as the Group's needs evolve. Applying the Business Continuity Plan for the Group Cyber Threat Intelligence Team and ensuring that the Service Level Agreements (SLAs) are not breached are also part of your duties. Primary Skills required for this role include experience in a Cyber Threat Intelligence or related cybersecurity role (e.g., SOC Analyst, Security Researcher, Incident Responder), familiarity with open-source intelligence (OSINT) & Social Media Intelligence (SOCMINT) tools and techniques, understanding of the cyber threat landscape, advanced persistent threats (APTs), and attack methodologies (e.g., MITRE ATT&CK framework), general intelligence knowledge, knowledge about intelligence capitalization, associations, and correlation, and familiarity with threat intelligence platforms (e.g., OpenCTI, ThreatConnect, Anomali, MISP). Familiarity with security tools like SIEM (Splunk, QRadar) and endpoint security would be appreciated.

Posted 1 month ago

3.0 - 7.0 years

0 Lacs

hyderabad, telangana

On-site

As a SOC Analyst, you will be responsible for monitoring and analyzing security events to protect the organization's information systems. You will play a crucial role in identifying and responding to security incidents to ensure the integrity and confidentiality of data. This is a full-time position with the opportunity for permanent employment or a contractual/temporary role with a contract length of 36 months. The benefits include health insurance coverage to support your well-being. In this role, you will work in a dynamic environment with day shift and rotational shift schedules. Your primary work location will be in person, where you will collaborate with the team to enhance the organization's security posture and respond to emerging threats effectively.

Posted 1 month ago

1.0 - 4.0 years

2 - 6 Lacs

Hyderabad

Work from Office

CorroHealth is looking for an Executive SOC Analyst to join our dynamic team and embark on a rewarding career journey.
- Assisting with the preparation of operating budgets, financial statements, and reports
- Processing requisition and other business forms, checking account balances, and approving purchases
- Advising other departments on best practices related to fiscal procedures
- Managing account records, issuing invoices, and handling payments
- Collaborating with internal departments to reconcile any accounting discrepancies
- Analyzing financial data and assisting with audits, reviews, and tax preparations
- Updating financial spreadsheets and reports with the latest available data
- Reviewing existing financial policies and procedures to ensure regulatory compliance
- Providing assistance with payroll administration
- Keeping records and documenting financial processes

Posted 1 month ago

3.0 - 8.0 years

3 - 12 Lacs

Chennai

Work from Office

Responsibilities:
- Conduct threat analysis using SOC tools like QRadar & LogRhythm.
- Collaborate with the incident response team on security incidents.
- Monitor network activity for suspicious behavior.

Posted 1 month ago

4.0 - 8.0 years

0 Lacs

punjab

On-site

As a SOC Analyst (Incident Management) with 4+ years of experience, you will be based in Mohali, working strictly from the office with a 5-day work week and a 30-day notice period. Your role will be crucial in resolving cyber security incidents and collaborating with the IT Infrastructure and application teams to support daily SOC operations. Your responsibilities will include acting as a primary incident responder and coordinator, performing incident handling through effective communication and coordination efforts, triaging incidents, escalating security incidents to senior staff when necessary, tracking and analyzing incidents using a ticket management system, and engaging IT teams for remediation. You will also be responsible for planning and managing incident response procedures, documenting security incidents, and assisting in enhancing the operational efficiency of SOC platforms. To excel in this role, you should have familiarity with incident management principles and frameworks, and knowledge of SIEM, AV, EDR, Next-Gen Firewalls, Cloud Platforms, and IT networking concepts. You should possess strong skills in monitoring and reporting security remediations, incident response activities, effective documentation, as well as verbal and written communication. Stakeholder management, experience in a complex matrix environment, and the ability to work in an international multicultural team are also essential. If you are looking to utilize your skills as a SOC Analyst in incident management, this role offers the opportunity to contribute to the resolution of cyber security incidents, improve SOC operational efficiency, and collaborate with diverse teams to enhance overall security posture.

Posted 1 month ago

0.0 - 2.0 years

2 - 6 Lacs

Mumbai

Work from Office

Job Title: L1 SOC Analyst - LogRhythm SIEM
Location: Mumbai, India
Employment Type: Full-Time | Onsite

About the Role: We are seeking a proactive and dedicated L1 SOC Analyst to join our Security Operations Center in Mumbai. The analyst will be the first line of defense, responsible for monitoring, triaging, and escalating security alerts using LogRhythm SIEM. This is an excellent opportunity for candidates looking to build a strong career in cybersecurity operations.

Key Responsibilities:
- Monitor security events and alerts through the LogRhythm SIEM console
- Perform initial analysis, classification, and triage of security incidents
- Escalate genuine security incidents to the L2 SOC team following defined procedures
- Maintain incident logs, documentation, and shift handover reports
- Support incident investigations by collecting relevant logs and evidence
- Monitor health of SIEM log sources and report issues proactively
- Follow SOC playbooks and response procedures with high attention to detail
- Participate in shift-based operations (24x7 rotational shifts)

Key Skills & Competencies:
- 0.6 to 2 years of experience in a SOC or cybersecurity monitoring role
- Hands-on exposure to LogRhythm SIEM
- Knowledge of security event types, log analysis, and basic networking concepts
- Understanding of common security threats: malware, phishing, brute force, etc.
- Good communication skills, both written and verbal
- Ability to work effectively under pressure and as part of a team

Preferred Qualifications:
- Bachelor's Degree in Information Security, Computer Science, or related field
- LogRhythm Certifications (optional but desirable)
- Security certifications like CompTIA Security+ or CEH are an added advantage

Posted 1 month ago

2.0 - 5.0 years

3 - 7 Lacs

Mumbai

Work from Office

Job Title: L2 SOC Analyst - LogRhythm SIEM
Location: Mumbai, India
Employment Type: Full-Time | Onsite

About the Role: We are looking for an experienced L2 SOC Analyst to strengthen our Security Operations Center in Mumbai. The ideal candidate will have 2 to 5 years of hands-on experience in security monitoring and incident analysis, particularly on LogRhythm SIEM. You will be responsible for in-depth analysis, incident investigation, escalation, and coordination with response teams.

Key Responsibilities:
- Monitor, analyze, and triage security alerts from LogRhythm SIEM and other security platforms
- Investigate and validate security incidents with detailed analysis and impact assessment
- Conduct threat hunting and advanced log correlation as per SOC playbooks
- Respond to incidents as per the defined escalation matrix and coordinate with internal/external teams
- Perform root cause analysis and recommend containment and mitigation actions
- Provide guidance and mentorship to L1 SOC Analysts for escalated incidents
- Prepare incident reports, analysis summaries, and dashboards for management
- Monitor and report SIEM health, log source integration issues, and tuning requirements
- Participate in continuous improvement of detection rules and SOC processes
- Work in 24x7 rotational shifts with readiness for critical incident handling

Required Skills & Competencies:
- 2 to 5 years of SOC operations experience, with a focus on SIEM monitoring and incident handling
- Strong hands-on experience with LogRhythm SIEM (Mandatory)
- Good understanding of security threats, attack vectors, malware behavior, and common vulnerabilities
- Practical experience in analyzing logs from firewalls, IDS/IPS, endpoint security, and cloud platforms
- Familiarity with the MITRE ATT&CK framework and threat intelligence usage
- Strong analytical thinking, incident response capabilities, and problem-solving skills
- Good communication skills for incident reporting and escalation

Preferred Certifications:
- LogRhythm Certified Deployment Engineer (LCDE) or LogRhythm Certified SOC Analyst (LCSA) - Optional
- CompTIA Security+, CEH, CySA+, or equivalent security certifications
- Any threat hunting or incident response certification is a plus

Work Mode: Onsite - Mumbai SOC Facility
Shift: 24x7 Rotational Shifts (Including Nights and Weekends)

Posted 1 month ago

2.0 - 6.0 years

0 Lacs

kochi, kerala

On-site

As an Academic Advisor for Cybersecurity Training & Certification at Technovalley Software India Pvt. Ltd., located in Kochi, India, you will play a crucial role in guiding aspiring students, IT professionals, and corporate partners towards achieving internationally recognized certifications and unlocking global career opportunities. Your main responsibilities will include providing professional career guidance and counselling to individuals interested in pursuing Cybersecurity career paths such as Ethical Hacking, Cybersecurity Analyst, Computer Hacking Forensic Investigator, Offensive Security Certified Cybersecurity, Penetration Testing, SOC Analyst, Threat Intelligence, and Incident Response. You will be tasked with understanding the career aspirations and goals of each individual and recommending appropriate certification and training programs to align with their career trajectory. Additionally, you will educate prospective learners on global certification standards from renowned organizations like EC-Council, OffSec, CompTIA, PECB, and Microsoft. You will also offer insights into industry demand for Cybersecurity professionals, expected salary growth, and career scope in various Cybersecurity fields. Your role will involve coordinating the admission process, following up with leads, ensuring high admission conversion rates, and promoting scholarship opportunities for eligible candidates. Furthermore, you will be responsible for building relationships with students, acting as a student success partner, and collaborating with the placement cell to ensure certified students receive career assistance and placement opportunities. The desired qualifications for this role include a Bachelor's degree in Computer Science, Cybersecurity, IT, or related fields, along with a minimum of 2-3 years of experience in academic counselling, career guidance, or technical training consultation, preferably in Cybersecurity, IT Training, or EdTech industries. 
To excel in this role, you should possess a strong understanding of Cybersecurity certifications, excellent communication and negotiation skills, and the ability to work towards achieving aggressive targets. Your passion for helping individuals build careers in Cybersecurity, along with your familiarity with global job markets and career trends in Cybersecurity and IT Security domains, will be key assets in this position. Joining Technovalley will offer you the opportunity to work with India's leading Cybersecurity Training Company, engage with global professionals and industry leaders, and contribute to shaping the next generation of Cybersecurity professionals in India and beyond. This role also comes with a competitive salary, performance-based incentives, and the chance to drive career transformation in the cybersecurity space.

Posted 1 month ago

7.0 - 9.0 years

9 - 14 Lacs

Gurugram, Bengaluru

Hybrid

SOC Analyst

Core Responsibilities:
- Monitor security dashboards and alerts to identify potential threats.
- Respond to security incidents by following established response plans.
- Conduct threat hunting to proactively identify vulnerabilities and potential threats.
- Collaborate with other departments, such as network engineering and incident response teams, for coordinated threat response.
- Analyze security incidents and document findings to prevent future occurrences.
- Develop and maintain security monitoring tools and processes.
- Implement and optimize SIEM, SOAR, EDR, and Threat Intelligence platforms.
- Conduct vulnerability assessments and penetration tests to identify weaknesses.
- Create and maintain incident response procedures and playbooks.
- Provide detailed reports on security incidents and emerging threats.
- Stay updated with the latest cybersecurity trends and threats.

Experience:
- 7-9 years of experience in cybersecurity, with a focus on SOC operations.
- Extensive experience with security monitoring tools and incident response.
- Proficiency in threat hunting and vulnerability analysis.
- Strong knowledge of network protocols, operating systems, and common cybersecurity threats.
- Experience with SIEM, SOAR, EDR, and Threat Intelligence platforms.
- Ability to conduct in-depth threat intelligence analysis and develop containment strategies.
- Experience in conducting vulnerability assessments and penetration tests.
- Excellent analytical and problem-solving skills.
- Strong communication and collaboration skills.
- Knowledge of frameworks such as the NIST Cybersecurity Framework, MITRE ATT&CK, and the Lockheed Martin Cyber Kill Chain.

Posted 2 months ago

5.0 - 9.0 years

0 Lacs

haryana

On-site

At Bravura Solutions, collaboration, diversity, and excellence matter greatly. We highly value your ideas, providing you with the space to be curious and innovative within an exciting, fast-paced, and flexible environment. There is a variety of skills and abilities that we look for, focusing on how you can contribute value to Bravura and our unique culture. As a global leader in the FinTech market and an ASX listed company, Bravura is a trusted partner to over 350 prominent financial services clients, offering wealth management technology and products. Our significant investments in technology hubs and innovation labs drive our future-focused mindset, developing cutting-edge, digital-first technology solutions to help our clients achieve financial security and prosperity for their customers. The Security Operations Analyst position at Bravura is integral to shaping a growing information security function during a period of high-impact transformation. As a key member of our team, you will support the build-out of our internal capability and work closely with our outsourced SOC provider. This role involves incident response coordination, vulnerability management, and offensive security activities, including penetration testing support and remediation tracking. Your responsibilities will include acting as the in-house lead for escalations from our third-party MDR/SOC, coordinating vulnerability management programs, supporting penetration tests, ensuring security operations align with client requirements, tracking operational metrics and security KPIs, developing incident response playbooks and procedures, monitoring the threat landscape, and supporting audits and client due diligence processes. 
To be successful in this role, you should have at least 5 years of experience in a security operations, incident response, or SOC analyst role, along with familiarity with vulnerability management tools, regulatory requirements in financial services or highly regulated environments, and incident response frameworks; bonus skills include scripting/automation and cloud security experience. Industry security certifications are a plus. At Bravura, we prioritize our employees' well-being and career development. We offer competitive salaries, a comprehensive employee benefits scheme, flexible working hours to promote work-life balance, maternity/parental leave policies, cab facilities in Delhi/NCR, meal facilities, and free medical insurance. We base our hiring decisions on your experience, skills, and passion, so even if you do not meet all the listed requirements, we encourage you to apply. Interviews are primarily conducted virtually, and we are open to making reasonable adjustments. All final applicants will undergo a criminal record and background check, with each application being considered on its own merits.

Posted 2 months ago