5.0 - 8.0 years
0 - 1 Lacs
Hyderabad
Work from Office
Role & responsibilities
- Develop and maintain playbooks, runbooks and incident response procedures
- Collaborate with threat intelligence teams to enrich alerts and improve detection capabilities
- Conduct post-incident reviews and root cause analysis
- Mentor and train L1 and L2 SOC analysts
- Recommend and implement improvements to SOC tools, processes and detection rules
- Stay current with emerging threats, vulnerabilities and security technologies
The expectations from the graders would be:
- To evaluate the tasks that are being fed into the agent for their real-world applicability
- To evaluate the agent output, come up with a ground truth, and rate the agent output against a predefined rubric based on the inputs provided by us
- To have very deep SOC analyst experience and insights; this also includes any other skills needed to evaluate the agent output
- The ability to scale to a minimum of around 20-30 evaluations per day per grader, depending on the complexity of the task
Core Technical Skills
- SIEM tools, e.g. Splunk, QRadar, Microsoft Sentinel
- Endpoint Detection and Response (EDR), e.g. CrowdStrike, SentinelOne
- Firewall and IDS/IPS, e.g. Palo Alto, Snort, Suricata
- Log analysis and packet capture analysis, e.g. Wireshark
- Threat intelligence platforms, e.g. MISP, Recorded Future
- Incident response and forensics
- Scripting/automation: Python, PowerShell, Bash
- Operating systems: Windows, Linux, macOS
- Networking fundamentals: TCP/IP, DNS, HTTP, VPNs
Posted 1 month ago
5.0 - 8.0 years
10 - 13 Lacs
Gurgaon, Haryana, India
On-site
Position: Security Incident Analyst - L3 [SOC - L3]
Company: CyberAssure www.cyberassure.one
Location: Client site - Cyber City, Gurgaon
Experience: 5-8 yrs+
Salary range: 12-13 lacs max.
Joining time: ASAP, max 30 days
Shift: Rotational shifts
Key Responsibilities
1. Incident Response and Management:
- Lead the response to high-severity security incidents such as data breaches, malware outbreaks, and targeted attacks.
- Respond to incidents escalated from SOC Level 1 and Level 2 analysts, providing guidance and expertise for effective containment and remediation.
2. Advanced Threat Analysis:
- Perform detailed analysis and triage of alerts from security tools such as SIEM (Security Information and Event Management), EDR (Endpoint Detection & Response), firewalls, and network traffic monitoring systems.
3. Security Tools & Monitoring:
- Manage and fine-tune security tools (SIEM, IDS/IPS, EDR, etc.) to optimise threat detection and response.
- Create, update, and improve security use cases, detection rules, & playbooks for automated incident handling.
4. Collaboration & Knowledge Sharing:
- Provide guidance and mentorship to junior SOC analysts (L1 and L2), helping to develop their skills and improve the overall SOC capability.
- Lead post-incident reviews (PIR) to evaluate incident response performance and refine processes & procedures.
Job Requirements:
Certifications: Intermediate to advanced certifications such as GIAC Certified Incident Handler (GCIH), Certified Information Systems Security Professional (CISSP), or equivalent preferred.
Experience: Minimum 5 years of experience in a security operations center (SOC) or incident response role.
Technical Skills:
- Expertise in network security, endpoint security, cloud security, and application security.
- Extensive experience in cybersecurity and incident response.
- Proficiency in using SIEM platforms and security monitoring tools such as QRadar.
- Hands-on experience with security tools such as SIEM (Splunk, QRadar, etc.), EDR (CrowdStrike, Carbon Black, etc.), IDS/IPS, and firewalls.
- Strong understanding of threat intelligence sources, including open-source intelligence (OSINT) and commercial threat feeds.
- Ability to translate threat intelligence into actionable security measures.
Qualifications: Bachelor's degree in Computer Science, Cybersecurity, or a related field.
Share your latest C.V. with details like:
1. CTC
2. Expectation
3. Notice period
Regards,
Rajesh Kumar
AAYAM CONSULTANTS
Cell: 9311232179 / 7011595674
Email id: [HIDDEN TEXT]
Posted 1 month ago
3.0 - 8.0 years
5 - 10 Lacs
Thiruvananthapuram
Work from Office
L1 SOC Analyst - Splunk
Experience: 2 to 3 years
Location: Hyderabad / Trivandrum / Kochi / Bangalore / Chennai
Company: CyberProof, A UST Company
About CyberProof
CyberProof is a leading cyber security services and platform company dedicated to helping customers react faster and smarter to security threats. We enable enterprises to create and maintain secure digital ecosystems through automation, threat detection, and rapid incident response. As part of the UST family, we are trusted by some of the world's largest enterprises. Our Security Operations Group is composed of a global team of highly skilled cyber security professionals, with our tier 3-4 expertise rooted in Israeli Intelligence.
About the role:
The primary role of a SOC Level 1 Analyst is to serve as the frontline defense, managing first triage and ranking of security cases, and initiating the threat detection and response processes for client-related security events. The Analyst is integral to the MDR, working collaboratively with other teams to ensure high quality of service, and will be given opportunities for professional growth in cybersecurity. The position entails conducting inquiry procedures as dictated by CyberProof methodology and contributing insights on the case investigation and detection quality.
Principal Duties:
- Quickly respond to and classify all incoming security cases, ensuring that incidents are appropriately escalated to the right analyst within the predefined SLA period during the Analyst's shift.
- Conduct the first triage investigations into the assigned cases using a blended approach based on tools integrated into the SOAR platform, and document all collected evidence and conclusions.
- At the shift's commencement, diligently review all new information in the SOAR, the Teams channel, the shared mailbox, and any other designated communication mediums to ensure readiness to continue or start the case investigation and address client queries.
- Facilitate a smooth handoff to the next team at the end of the shift, ensuring continuous and seamless security monitoring.
- Remain alert to any procedural inconsistencies or issues and proactively report these to the team leader or upper analytical layer (L2) for resolution or consultation.
- Should uncertainty or complex issues arise, elevate the matter promptly to a senior L1 Analyst or Shift and Technical Leads before resorting to the L2 team.
- Support the Lead Analysts and the L2 team in the extraction and compilation of data needed for the preparation of Weekly, Monthly, and Quarterly Business Review (QBR) documentation.
Skills and qualifications:
- At least 1 year of experience as a security analyst
- Proficient in investigating s related to phishing, malware, and similar threats.
- Solid understanding of computer security and networking concepts
- Experience with the SIEM tool Splunk
- Knowledgeable about endpoint protection tools
- Skilled in analyzing network traffic, interpreting logs, and examining packet captures.
- Strong critical thinking and analytical abilities
- Excellent written and verbal communication skills
- Experience managing and analyzing s from security tools is a plus.
- Familiarity with cloud solutions is advantageous.
- Relevant certifications are a plus.
Posted 1 month ago
0.0 - 2.0 years
4 - 5 Lacs
Kochi, Thrissur, Kozhikode
Work from Office
B.Sc/M.Sc. (Computer Science/IT) / BCA / MCA / Engineering.
Certification: CEH/SIEM certification or any cybersecurity certifications.
Following are the key responsibilities of the L1 SOC Operator:
1. Monitor dashboards & rules triggered by QRadar to invoke the incident handling process.
2. Monitor the health of QRadar by looking into the respective administrative dashboards.
3. Acknowledge the offenses and alerts generated by QRadar.
4. Perform initial analysis of the offenses triggered, or anomalies observed on the dashboards, before sending them to the SOC Analyst and IS Security Team.
5. Gather necessary information from QRadar with respect to the case, which would serve as evidence and aid the SOC Analyst in further investigation of the case.
6. Report the offenses triggered in the form of cases to the SOC Analyst for incident validation.
7. Follow up on the case/incident to effectively resolve it in the ticketing tool.
8. Track the lifecycle of the entire case/incident to effectively resolve it.
9. Assist the SOC Analyst by providing necessary information in managing the case/incidents.
10. Consolidate the information gathered from the automatically generated reports from NetWitness and submit it to the SOC Analyst for review.
11. Ensure that daily, weekly and monthly reports are generated, prepared and sent to the concerned personnel within agreed timelines.
12. Take regular backups of QRadar and SOC/IS Security devices as per the defined schedule.
13. Follow the shift handover process and maintain the incident database.
14. Track server shutdowns, blocked IPs and log sources not reporting to QRadar.
Posted 1 month ago
2.0 - 5.0 years
6 - 13 Lacs
Chennai
Work from Office
Role & responsibilities
Key Responsibilities:
- Plan, execute, and document internal audits for ISO/IEC 27001:2022 and SOC 2 controls across the organization.
- Conduct risk assessments to identify control weaknesses and areas for improvement.
- Evaluate the effectiveness of existing information security policies, procedures, and controls.
- Collaborate with process owners to ensure timely implementation of corrective actions.
- Maintain audit schedules and manage audit evidence for internal and external assessments.
- Liaise with external auditors for ISO and SOC 2 certification processes.
- Assist in the development, review, and continuous improvement of the ISMS and security policies.
- Maintain up-to-date knowledge of compliance requirements, regulatory changes, and industry trends.
- Train internal teams on ISO/SOC 2 awareness and audit preparedness.
- Report audit findings and compliance status to senior management with actionable recommendations.
Required Qualifications:
- Bachelor's degree in Information Security, Computer Science, Auditing, or a related field.
- At least 2-5 years of experience in auditing information security management systems.
- Proven experience in conducting internal audits for ISO/IEC 27001:2022 and SOC 2 frameworks.
- A certification such as ISO 27001 Lead Auditor is mandatory.
- PIMS/CISA/BCMS or other relevant certifications will be a plus.
- Solid understanding of information security principles, risk management, and data privacy.
Preferred Skills:
- Excellent analytical, problem-solving, and documentation skills.
- Strong interpersonal and communication skills, with the ability to interact with technical and non-technical stakeholders.
- Self-driven with the ability to manage multiple priorities under minimal supervision.
Work Environment:
- May require occasional travel for site audits or assessments.
- Flexible hours during audit cycles may be required.
Posted 1 month ago
4.0 - 9.0 years
20 - 25 Lacs
Gurugram
Work from Office
- Plan, implement, configure, and migrate market-leading cyber security solutions (QRadar, Sentinel, Defender etc.)
- Creation and implementation of new SIEM use cases (correlation rules), fine tuning, Defender policies etc.
- Configuration, onboarding, and parsing of new log sources in the SIEM solution; working on malware analysis, mail analysis, threat intelligence/hunting etc.
- Assessment of the effects of an attack, taking initial measures and making concrete recommendations for action; improvement of response plans and incident playbooks
- Classification and investigation of alarms from different threat detection platforms and provision of the processed results to our customers
- Anomaly and attack pattern detection at all stages of the cyber kill chain
- Tool-based and manual threat hunting to detect attacks after zero-day exploits or vulnerabilities with a potentially severe impact on customer environments become known
- Creation of security reports based on the security incidents within the reporting period
- Creation of reports and dashboards
- Ensure adherence to and implementation of best incident response procedures as well as internal and industry standards
- Participation in on-call duty to ensure incident response even outside of business hours
- 24*7 onsite cybersoc support to the customer, including weekends and public holidays
Skill Set Required:
Mandatory skill set
- Good hands-on experience on SIEM tools like QRadar, MS Sentinel
- Knowledge of Microsoft Defender
- Good experience in incident handling and response
- Certification in IBM QRadar SOC Analyst/Administrator, SC-200
Secondary skill set
- Knowledge of Python or any scripting language
- Malware investigation and reporting
- Forensic investigation of SPAM / phishing email incidents
- Knowledge of threat intelligence and threat hunting
Experience: 4+ years related work experience in customer-facing organizations within cybersoc services
Degree / Diploma holders with cybersecurity knowledge
Excellent verbal and written communication skills in the English language
Global Delivery Operations
Posted 1 month ago
0.0 - 2.0 years
6 - 7 Lacs
Chennai
Work from Office
Job Purpose:
This position will report to the CBTS Security organization and support company applications, systems, and vendors with security operations, administration, and general maintenance. This is a shift-based position and will have well-defined working hours. The position supports CBTS and its security strategy and objectives by providing security monitoring and remediation. It provides services to mitigate cyber risks to CBTS and protects company information, systems, products, facilities, and assets.
Essential Functions:
(70%) Security Implementation and Operations - Monitor security alerts and events and follow playbooks to respond to and escalate security incidents. Communicate with employees to remediate discovered risks. Support security applications and infrastructure. Review systems and applications. Assist with vulnerability scans. Perform maintenance activities for applications and infrastructure. Perform incident/event response. Assist with documentation and policy creation.
(10%) Innovative Solutions - Designs creative solutions that use technologies and processes to mitigate risks to information, systems, products, facilities, and assets.
(10%) Risk Management - Identifies and facilitates remediation of potential security risks.
(10%) Technical Training - A SOC Analyst I is expected to keep up to date on the latest security trends and technologies. Time will be available for continued training.
Education: Four years of college resulting in a bachelor's degree or equivalent
Certifications, Accreditations, Licenses: N/A
Experience: 0-2 years
Special Knowledge, Skills, and Abilities:
- Technical knowledge (security and compliance) - working experience with network, compute, and/or application security technologies
- Strong knowledge of the OSI model
- Good communication, documentation, and presentation skills
- Inquisitive, motivated, and creative
- Planning and organizing
- Self-starter who takes initiative
Posted 1 month ago
6.0 - 11.0 years
11 - 18 Lacs
Pune
Work from Office
The Level 3 Security Operations Center (SOC) Resource is a highly skilled and experienced security professional who is responsible for the advanced detection, analysis, and response to security incidents.
Roles and Responsibilities of SOC Analyst L3
- Lead and mentor junior SOC analysts
- Conduct in-depth investigations into complex security incidents
- Identify and analyse emerging threats and vulnerabilities
- Develop and implement security incident response plans
- Drive end-to-end implementation of the SIEM and SOAR solutions
- Expertise in SOC team building
Qualifications and Skills for SOC Analyst L3
- Bachelor's (BE/B.Tech) degree in Computer Science, Information Security, or a related field
- 8+ years of experience in security operations or a related field
- Must currently be serving as SOC Analyst L3 and have served in an L3 position for at least 2 years
- Experience with security information and event management (SIEM) systems and SOAR
Certifications for SOC Analyst L3
- CISSP (Certified Information Systems Security Professional)
- GCIH (GIAC Certified Incident Handler)
- GCFA (GIAC Certified Forensic Analyst)
- Other relevant security certifications
P.S. Experience in L1, L2 and L3 is mandatory. Looking for a candidate who can join the company ASAP.
For more details feel free to call Jyoti Tiwari 9819589998
Posted 1 month ago
6.0 - 9.0 years
6 - 9 Lacs
Gurgaon / Gurugram, Haryana, India
On-site
- 24*7 cybersoc support to the customer
- Plan, implement, configure, and migrate market-leading cyber security solutions (QRadar, Sentinel, Arbor, Qualys etc.)
- Creation and implementation of new SIEM use cases (correlation rules), fine tuning, DDoS managed objects, Qualys solution
- Configuration, onboarding, and parsing of new log sources in the SIEM solution; creation of new MOs and defining thresholds in the DDoS solution; working on malware analysis, mail analysis, Qualys scanning etc.
- Classification and investigation of alarms from different threat detection platforms and provision of the processed results to our customers
- Assessment of the effects of an attack, taking initial measures and making concrete recommendations for action; improvement of response plans and incident playbooks
- Anomaly and attack pattern detection at all stages of the cyber kill chain
- Tool-based and manual threat hunting to detect attacks after zero-day exploits or vulnerabilities with a potentially severe impact on customer environments become known
- Creation of security reports based on the security incidents within the reporting period
- Creation of reports and dashboards
- Ensure adherence to and implementation of best incident response procedures as well as internal and industry standards
- Participation in on-call duty to ensure incident response even outside of business hours
Education, qualifications, and certifications
- Degree / Diploma holders with cybersecurity knowledge
- Excellent verbal & written communication skills in the English language
Skill Set
Mandatory skill set
- Good hands-on experience on SIEM tools like QRadar, Sentinel
- Knowledge of Microsoft Defender
- Knowledge of DDoS service & mitigation methodology
- Experience in incident handling & response
- Certification in IBM QRadar SOC Analyst/Administrator, SC-200
Secondary skill set
- Knowledge of Python or any scripting language
- Malware investigation and reporting
- Forensic investigation of SPAM / phishing email incidents
- Knowledge of Qualys, CrowdStrike will be an added advantage
Posted 1 month ago
4.0 - 6.0 years
8 - 11 Lacs
Bengaluru
Work from Office
Job Functions/Responsibilities:
- Minimum 5+ years as a SOC analyst with exposure to Digital Forensics, Threat Hunting and Incident Response Management
- Experience in Linux operating system security and Active Directory security
- Able to do research and analysis on any security incidents
- 24/7 support; should be able to work on Saturday and Sunday
- To prevent, detect, assess, and respond to cybersecurity threats and incidents
- To assist the Compliance Team in digital forensics and information gathering
- To monitor different tools for intrusions, malicious traffic, threats etc.
- Malware analysis, network security, threat intel and threat hunting, vulnerability assessments, log analysis, endpoint security, physical access control systems, digital forensics (Windows and Linux)
- Good knowledge of the MITRE ATT&CK framework
- Experience with Sysmon logs and investigation is a must: investigating attack techniques using Sysmon logs and hunting for the IOCs collected
Preferred candidate profile
- Experienced in Incident Response Management (L1 & L2) and familiar with the Incident Response Lifecycle
- Firewall knowledge, IDS/IPS experience
- Log Management/SIEM tool experience
- Network analysis tools, system analysis, malware analysis, endpoint security, DLP
- Familiar with the Cyber Kill Chain or MITRE ATT&CK
- Operating systems (Linux and Windows)
- Vulnerability assessment tool experience
- Familiarity with RSS feeds/updates, malware signatures and latest vulnerability updates
- Must be excellent in verbal and written communication
- Digital Forensics
Experience/Education Requirements
- Any Graduate
- 5+ years of experience as SOC Analyst and in Incident Response Management, Digital Forensics (Windows and Linux) and Threat Hunting
- Certified Ethical Hacker, Certified Incident Handler, CompTIA Security+, CHFI preferred
Posted 1 month ago
4.0 - 7.0 years
8 - 12 Lacs
Bengaluru
Work from Office
Who we are
We're a leading, global security authority that's disrupting our own category. Our encryption is trusted by the major ecommerce brands, the world's largest companies, the major cloud providers, entire country financial systems, entire internets of things and even down to the little things like surgically embedded pacemakers. We help companies put trust - an abstract idea - to work. That's digital trust for the real world.
Job summary
The Security Operations Center (SOC) provides DDoS detection and mitigation services for DigiCert and customers' networks. The SOC also provides all Customer Support capabilities for the UltraSecurity service. We are seeking a Senior Information Security Engineer to support our ever-growing customer base. The hours for this role are from 8:30am - 6:30pm, 4 days/week (Bangalore Time).
What you will do
- Exhibit a proactive security mindset to defend customer networks from DDoS attacks.
- Follow runbooks to conduct DDoS attack mitigation and response.
- Conduct deep analysis of customer traffic and mitigations to improve customer response.
- Handle escalations from associate SOC engineers.
- Assist with complex attacks to refine mitigation strategies.
- Monitor customer networks and mitigate DDoS attacks.
- Monitor the SOC ticket queue and proactively take action to protect DigiCert and customer networks.
- Manage engagements with white glove and strategic customers.
- Assist in the creation and updating of SOC policies and processes.
- Answer the phone queue for Tier 1 support for UltraDDoS and UltraWAF customers.
- Assist customers with resolving technical issues within the UltraSecurity services.
Nice to have
- PSAA (Practical SOC Analyst Associate) certification.
- CompTIA CySA, CASP, or SecurityX certifications.
- Experience with Arbor equipment and Sightline Threat Management system.
Benefits
- Generous time off policies
- Top shelf benefits
- Education, wellness and lifestyle support
Posted 1 month ago
3.0 - 8.0 years
4 - 5 Lacs
Warangal, Hyderabad, Nizamabad
Work from Office
Total experience 3 years as Cyber Security Analyst. Knowledge of the LogRhythm SIEM tool. Incident handling.
Job description
2-3 years of experience as a SIEM analyst and in incident handling. B.E/B.Tech.
Roles and Responsibilities:
- 3+ years experience as a SOC analyst with any SIEM tool.
- Min 2+ years experience on LogRhythm SIEM.
- Responsible for alert monitoring and incident handling.
- Perform the initial analysis and identify any potential threat.
- Analyse security alerts and determine their validity and potential impact on the organization.
- Review and analyse security logs from various sources (e.g., firewalls, intrusion detection/prevention systems, and endpoint protection).
- Correlate logs from various security controls to gather more insight into the suspected event.
- Regularly prepare log monitoring reports and the daily security report, and proactively work on them.
- Document security incidents, including the steps taken to resolve them and any lessons learned.
- Ensure compliance with security policies, procedures, and regulatory requirements.
- Work closely with other IT and security team members to enhance the overall security posture.
- Coordinate with L2 and L3 for any escalations.
- Knowledge of the cyber kill chain and MITRE ATT&CK frameworks and methodologies.
- Knowledge of various cyber attacks in the cyber security world.
Certifications:
- LogRhythm Security Analyst (LRSA) from LogRhythm University
- CEH
Posted 2 months ago
4.0 - 7.0 years
6 - 9 Lacs
Kolkata, Mumbai, New Delhi
Work from Office
SOC Analyst - L3
Chennai, Tamil Nadu, India (600119) | IT Services | Full time | Date opened: 2025-05-07
The SOC L3 Analyst is a senior member of the Security Operations Center team, responsible for advanced threat analysis, incident response, and security operations. This role involves leading investigations, developing detection capabilities, and mentoring junior analysts. The ideal candidate should possess deep technical expertise in cybersecurity, excellent problem-solving skills, and the ability to make critical decisions in high-pressure situations.
Key Responsibilities:
- Lead advanced investigations of security incidents and perform root cause analysis.
- Develop and fine-tune detection rules and security use cases for SIEM and other security tools.
- Collaborate with threat intelligence teams to correlate data and identify emerging threats.
- Conduct threat hunting activities to proactively identify suspicious behavior and vulnerabilities.
- Design and implement incident response processes and playbooks.
- Serve as an escalation point for L1 and L2 analysts for complex security issues.
- Ensure timely and accurate documentation of incidents, findings, and remediation steps.
- Collaborate with engineering and IT teams to improve security posture and harden systems.
- Provide mentorship and training to junior SOC team members.
Required Skills/Technologies/Tools
- Extensive experience with Security Information and Event Management (SIEM) tools like Splunk, Sentinel or ELK.
- In-depth knowledge of cybersecurity frameworks like MITRE ATT&CK and the cyber kill chain.
- Advanced understanding of networking protocols, firewalls, and intrusion detection systems.
- Strong expertise in incident response, digital forensics, and malware analysis.
- Hands-on experience with endpoint detection and response (EDR) and threat intelligence platforms.
- Proficiency in scripting languages (Python, PowerShell, or Bash) for automation and analysis.
- Excellent analytical, troubleshooting, and problem-solving skills.
- Ability to communicate complex technical issues clearly to both technical and non-technical stakeholders.
Good to have Technologies/Tools
- Knowledge of security orchestration, automation, and response (SOAR) platforms.
- Experience with reverse engineering and advanced malware analysis techniques.
- Hands-on experience with data loss prevention (DLP) and endpoint protection platforms.
- Familiarity with case management tools and digital forensic tools.
- Hands-on experience with vulnerability management and threat intelligence platforms.
- Any relevant cybersecurity certifications.
Posted 2 months ago
6.0 - 7.0 years
15 - 17 Lacs
Hyderabad
Work from Office
Some careers shine brighter than others. If you're looking for a career that will help you stand out, join HSBC and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further.
HSBC is one of the largest banking and financial services organisations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realise their ambitions.
We are currently seeking an experienced professional to join our team in the role of Senior SOC Analyst.
In this role, you will:
The primary responsibilities of the Senior SOC Analyst are:
- Monitoring the entire global HSBC technology and information estate for new attacks and logging them to the appropriate systems.
- Triaging potentially malicious events to determine the severity and criticality of the event.
- Responding to alerts from the various monitoring/detection systems and platforms within defined SLAs.
- Following detailed processes and procedures to analyse, respond to and/or escalate cyber security incidents.
- Supporting cyber security incidents through to eradication and feeding lessons learned back into improved cyber resilience.
- Analysing network traffic using a variety of analysis tools.
- Monitoring security appliance health and performing basic troubleshooting of security devices; notifying security engineering as necessary for malfunctioning equipment.
- Analysing malicious artefacts obtained from network monitoring with a focus on generation of threat intelligence and service improvement.
- Identifying and developing new ideas to enhance our detection capability (use cases) and mitigations (playbooks) across the security platforms.
- Reviewing and validating new use cases and playbooks created by Cybersecurity colleagues.
- Researching emerging threats and vulnerabilities to aid in the identification of cyber incidents.
- Applying structured analytical methodologies to maximise threat intelligence growth and service efficacy.
- Supporting handovers to other teams and countries at the start and end of the working shift.
- Contributing to the continued evolution of hunting, monitoring, detection, analysis and response capabilities and processes.
- Training, developing and mentoring colleagues in area(s) of specialism.
- Collaborating with the wider Cybersecurity (and IT) teams to ensure that the core, underlying technological capabilities that underpin an effective and efficient operational response to current and anticipated threats and trends remain fit for purpose.
- Identifying processes that can be automated and orchestrated to ensure maximum efficiency of Global Cybersecurity Operations resources.
- Promoting a self-critical and continuous assessment and improvement culture whereby identified weaknesses in the bank's control plane (people, process, and technology) are brought to light and addressed in an effective and timely manner.
- Supporting engagement with HSBC Global Businesses and Functions to drive a global uplift in cyber-security awareness and help to evangelise HSBC Cybersecurity efforts and success.
Requirements
To be successful in this role, you should meet the following requirements:
- Experience working with Microsoft Identity technologies.
- Good investigative skills and insatiable curiosity.
- Instinctive and creative, with an ability to think like the enemy.
- Strong problem-solving and troubleshooting skills.
- Strong communication and interpersonal skills, with proven ability to communicate technical topics to diverse audiences.
- Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one.
- Ability to learn quickly through hands-on experience.
- Experience defining and refining operational procedures, workflows, and processes to support the team in consistent, quality execution of monitoring and detection.
- An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business.
- An understanding of organisational mission, values and goals and consistent application of this knowledge.
- Self-motivated and possessing a high sense of urgency and personal integrity.
- Highest ethical standards and values.
- Knowledge of cyber security principles, global financial services business models, regional compliance regulations and laws.
- Good understanding and knowledge of common industry cyber security frameworks, standards and methodologies, including OWASP, the ISO 2700x series, PCI DSS, GLBA, EU data security and privacy acts, FFIEC guidelines, CIS and NIST standards.
Posted 2 months ago
8.0 - 10.0 years
8 - 18 Lacs
Bengaluru
Work from Office
Tata Elxsi is a global design and technology services leader for Automotive, Media, Communications and Healthcare. The Company helps customers reimagine their products and services through design thinking and the application of digital technologies such as IoT (Internet of Things), Cloud, Mobility, Virtual Reality, and Artificial Intelligence.

Roles and Responsibilities:
- Oversee the 24x7x365 Security Operations Center's processes, technology and people, who monitor security tools and assess threats and risks involving client infrastructure and orchestration.
- Lead and manage the Security Operations Center (SOC) team, providing direction, guidance, and support to ensure the team's effectiveness and productivity, with in-depth knowledge of security operations, incident response methodologies, and security technologies (SIEM, IDS/IPS, EDR, etc.).
- Responsible for ensuring that all Managed Service deliverables are produced on time and within strict SLA time frames, while maintaining an innovative growth culture within the SOC team.
- Act as the escalation point for the SOC technical team.
- Manage priorities, provide recommendations and implement changes to methods/processes.
- Handle client meetings, act as the point of contact for client requirements, and onboard new clients.
- Manage relationships with our customers' in-house operations teams and lead operational interactions/cadence with client management.
- Provide direction and vision to improve the SOC's effectiveness, including motivating people to perform, listening to the team, providing feedback, recognising strengths, identifying automation opportunities, reducing alert fatigue and providing adequate challenges to staff to maintain an innovative growth culture.
- Oversee the management of our existing Managed Security Operations managed SIEM and EDR solutions, ensuring their optimal performance and effectiveness in detecting and responding to security incidents.
- Collaborate with the SOC analysts and engineering team to define and implement SIEM rules, alerts, and correlation logic to improve the accuracy and efficiency of threat detection.
- Develop and implement SOC strategies, policies, and procedures to enhance the organization's security posture and incident response capabilities.
- Oversee the monitoring and analysis of security events and incidents, ensuring timely detection, investigation, and response to potential threats or vulnerabilities.
- Take a proactive role in utilizing Threat Intelligence and Threat Hunting activities, ensuring the SOC stays ahead of potential security threats.
- Establish and maintain relationships with external partners, vendors, and industry peers to stay updated on emerging threats, best practices, and industry trends.
- Conduct regular assessments and audits of SOC processes, systems, and controls to identify areas for improvement and ensure compliance with regulatory requirements.
- Develop and deliver comprehensive reports and metrics on SOC performance, including incident trends, response times, and effectiveness.
- Stay abreast of the evolving cybersecurity landscape, emerging threats, and industry standards, providing recommendations for proactive security measures and continuous improvement of the SOC.

Requirements:
- Proven expertise in MDR and Managed SIEM, with a strong preference for experience with leading market vendors.
- Strong networking concepts, including an in-depth understanding of TCP/IP protocols, firewall configuration, network segmentation, VPNs, etc.
- Strong understanding of Threat Intelligence, Threat Hunting, Vulnerability Management, and risk assessment frameworks.
- Knowledge and hands-on experience of the implementation and management of IDS/IPS, Firewall, VPN, and other security products.
- Experience with open-source Security Information and Event Management (SIEM) tools, creating advanced correlation rules, SIEM administration, system hardening, and Vulnerability Assessment.
- Strong background and expertise in various security technologies, including endpoint security, perimeter security, advanced threat protection, and security monitoring.
- Certifications: CISSP, CISM, CEH, OSCP, or equivalent are highly desirable; ITIL or equivalent.
Posted 2 months ago
4.0 - 9.0 years
10 - 17 Lacs
Bengaluru
Work from Office
Hiring for SOC Analyst
Experience: 6+ Years
Position Title: SOC Analyst
Experience: 4+
Skills: SOC
Work location: Bangalore
Shift: Rotational 24/7
If interested, please share your profile at ekta11.kumari@global.ntt
Please share profiles with the below details: Total exp, Rel Exp, NP, C CTC, E CTC, C Location.
Role & responsibilities
Preferred candidate profile
Posted 2 months ago
0.0 - 1.0 years
0 Lacs
Sahibzada Ajit Singh Nagar
Work from Office
What is a SOC analyst? In basic terms, SOC analysts can be understood as the first point of contact for any incident/threat. SOC stands for Security Operations Center, and it consists of multiple analysts who work 24x7 rotational shifts to fight against threats that could harm an organization. A SOC analyst is generally responsible for assessing endpoints and looking for vulnerabilities using various tools and technologies. However, the role of a SOC analyst is not limited to this.

SOC Analyst Job Duties and Responsibilities:
- Evaluate critical security incidents using detection tools.
- Investigate event alerts and logs from multiple endpoints.
- Analyze and correlate logs from the firewall, IDS/IPS, AVs, O365, etc.
- Work in a 24x7 proactive environment and respond to security alerts.
- Document and report incidents/offenses to the clients.
- Use endpoint detection tools to detect malware across the client's environment.
- Maintain and send monthly and weekly reports and other client-specific documentation.
- Work on industry-standard SIEM solutions to analyze incidents and create complex indexed searches.
- Use analytical skills to whitelist false-positive incidents.
- Keep yourself updated on security news/vulnerabilities and compose a set of use cases.
- Use basic scripting knowledge to automate processes.
- Onboard new clients from scratch and configure their network environment.
- Identify compromised endpoints by analyzing payloads/logs and notify clients.
- Work on the latest security technologies, including email filtering, compliance and patch management, syslog management, MDR, and SIEM.
Posted 2 months ago
0.0 - 2.0 years
2 - 4 Lacs
Kochi, Thrissur, Kozhikode
Work from Office
Qualification: B.Sc/M.Sc. (Computer Science/IT), BCA/MCA, or Engineering.
Certification: CEH/SIEM certification or any cybersecurity certification.
The following are the key responsibilities of the L1 SOC Operator:
1. Monitor dashboards and rules triggered by QRadar to invoke the incident handling process.
2. Monitor the health of QRadar via the respective administrative dashboards.
3. Acknowledge the offenses and alerts generated by QRadar.
4. Perform initial analysis of the offenses triggered, or anomalies observed on the dashboards, before sending them to the SOC Analyst and IS Security Team.
5. Gather necessary information from QRadar with respect to the case, which would serve as evidence and aid the SOC Analyst in further investigation of the case.
6. Report the offenses triggered in the form of cases to the SOC Analyst for incident validation.
7. Follow up on the case/incident to effectively resolve it in the ticketing tool.
8. Track the lifecycle of the entire case/incident to effectively resolve it.
9. Assist the SOC Analyst by providing necessary information for managing the case/incidents.
10. Consolidate the information gathered from the automatically generated NetWitness reports and submit it to the SOC Analyst for review.
11. Ensure that daily, weekly and monthly reports are generated, prepared and sent to the concerned personnel within agreed timelines.
12. Take regular backups of QRadar and SOC/IS Security devices as per the defined schedule.
13. Follow the shift handover process and maintain the incident database.
14. Track server shutdowns, blocked IPs and log sources not reporting to QRadar.
Posted 2 months ago
5.0 - 8.0 years
15 - 18 Lacs
Hyderabad, Bengaluru
Work from Office
We are currently seeking a SOC Analyst for our Bengaluru/Hyderabad location. Kindly add a few profiles by EOD.

Responsibilities of the SOC analysts:
- Surveillance of an Organization's Networks and Systems: Monitor the WxCCE cloud offering, including security systems, applications, and networks, to detect irregularities indicating a potential breach or attack.
- Identify, Assess, and Mitigate Security Threats in Real Time: Upon identifying a threat, work with WxCCE teams to determine the cause of the anomaly and take preventive measures to avoid future occurrences.
- Incident Response and Investigation: Collaborate with team members to investigate incidents thoroughly before reporting to the authorities if needed.
- Collaborate With Other Team Members to Implement Security Procedures, Solutions, and Best Practices: Work with their teams to implement and update security systems and procedures to ensure ongoing safe and secure operations within the organization.

Certification/Requirements:
Bachelor's degree in computer engineering or a similar field. Any of the following certifications is a plus:
- Certified Ethical Hacker (CEH)
- Computer Hacking Forensics Investigator (CHFI)
- EC-Council Certified Security Analyst (ECSA)
- Licensed Penetration Tester (LPT)
- CompTIA Security+
- CompTIA Cybersecurity Analyst (CySA+)
Familiarity with Exabeam SIEM technology is a plus.
Posted 2 months ago
3 - 6 years
10 - 11 Lacs
Noida
Work from Office
Job Title: SOC Analyst
Organization Name: NEC India
Reporting Relationship: IT BU

Role Summary:
- Familiarity with SIEM tools (e.g., Splunk, ManageEngine).
- Knowledge of networking fundamentals, security protocols, and incident response.
- Understanding of malware, phishing, and other attack vectors.
- Strong analytical thinking and problem-solving abilities.
- Incident response and reporting.

Responsibilities:
- Monitor security alerts and events through SIEM and other security platforms.
- Investigate suspicious activity and escalate incidents as needed.
- Perform initial triage and classification of security events.
- Collaborate with internal teams to contain and remediate threats.
- Conduct root cause analysis and document findings.
- Stay updated with emerging threats and vulnerability trends.

Prerequisites:
- Qualification: B.Sc / M.Sc / B.Tech / BE / BCA / MCA, BA, B.Com
- The ideal candidate should have a minimum of 3-6 years of experience.
- Base Location: Noida, but flexible to travel.

Specialization Description
General IT Applications Development includes analysis, programming, and configuration of end-user applications and/or systems software, including:
- Analyzing detailed business/functional/technical requirements and specifications for the application.
- Coding internally developed applications and/or configuring commercial-off-the-shelf (COTS) applications using programming, scripting, and database languages.
- Supporting application testing, deployment, maintenance, and evolution activities by correcting programming errors, responding to scope changes, and coding application enhancements.

Level Description
Senior-level professional who applies advanced knowledge of the job area, typically obtained through advanced education and work experience. Works independently to achieve results in the job area, overseeing and managing projects/processes with limited supervision. Problems faced are difficult and sometimes complex, though routine. Coaches and reviews the work of lower-level professionals.

Headquartered in Japan, NEC is a leader in the integration of IT and network technologies. With over 123 years of expertise in providing solutions for empowering people, businesses, and society, NEC stands tall as a champion in enabling change and transformation across the globe. Present in India since 1950, NEC has been instrumental in India's burgeoning digitization journey continually for the past 70 years.

NEC India has proved its commitment to orchestrating a bright future through its diverse businesses, from Telecommunications to Public Safety, Logistics, Transportation, Retail, Finance, Unified Communication and IT platforms, serving across the public and private sectors. NEC India, through the deployment of cutting-edge technology, has been powering India in seminal ways, making lives easier, safer, and more productive for all. With its Centre of Excellence for verticals like Analytics platform solutions, Big Data, Biometrics, Mobile and Retail, NEC India brings to the table innovative, seamless solutions for India and across the world. NEC India is headquartered in New Delhi and has offices spanning the country, with branches in Ahmedabad, Bengaluru, Chennai, Mumbai, Noida and Surat.

Specialties: IT & Networking Solutions, Unified Communication Solutions, Safety and Security Solutions, Integrated Retail Solutions, Data Centre Solutions, Safe and Smart City Solutions, Transportation Solutions, SDN Solutions, Carrier Telecom Solutions, and Solutions for Society.
Posted 2 months ago
3 - 6 years
4 - 9 Lacs
Hyderabad, Bengaluru, Delhi / NCR
Hybrid
Key Responsibilities

Infrastructure Management:
- Install, configure, and maintain SOC lab hardware and software in a highly virtualized environment, including servers, workstations, network devices, and security appliances.
- Perform regular system updates, patches, and upgrades to ensure security and performance.
- Monitor system performance and troubleshoot issues to minimize downtime.

Lab Environment Configuration:
- Set up and maintain a variety of security tools and platforms used for training, testing, and simulation purposes.
- Create and manage virtual environments to emulate different network configurations and scenarios for training and testing.

Security and Compliance:
- Implement and enforce security policies and procedures within the lab environment.
- Conduct regular security audits and vulnerability assessments to identify and mitigate risks.
- Ensure compliance with industry standards and regulatory requirements.

Technical Support and Training:
- Provide technical support to SOC analysts and other staff using the lab environment.
- Assist in the development and delivery of training programs for SOC personnel on new tools, technologies, and procedures.

Documentation and Reporting:
- Maintain detailed documentation of the lab infrastructure, including network diagrams, configuration settings, and inventory lists.
- Prepare reports on lab usage, performance metrics, and maintenance activities.

Collaboration and Innovation:
- Work closely with SOC analysts, engineers, and management to understand their needs and incorporate feedback into lab improvements.
- Stay informed about emerging technologies and security trends to propose and implement innovative solutions in the lab.

Qualifications
- Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
- Relevant certifications (e.g., CompTIA Network+, Security+, Cisco CCNA, RHCE) are a plus.
- Experience with network administration, system administration, and security technologies.
- VMware virtualization, vCenter Server Appliance and virtual networking.
- Experience with both Linux and Windows Server/Desktop operating systems and cloud services (Azure, AWS).
- Strong problem-solving skills and attention to detail.
- Excellent communication and interpersonal skills.
Posted 2 months ago