
66 SOC Analyst Jobs - Page 3


3.0 - 8.0 years

4 - 5 Lacs

Warangal, Hyderabad, Nizamabad

Work from Office

Total experience 3 years as Cyber Security Analyst. Knowledge of the LogRhythm SIEM tool. Incident handling.

Job description: 2-3 years of experience as a SIEM analyst and in incident handling. B.E/B.Tech.

Roles and Responsibilities:
- 3+ years' experience as a SOC analyst with any SIEM tool; minimum 2+ years' experience on LogRhythm SIEM.
- Responsible for alert monitoring and incident handling.
- Perform the initial analysis and identify any potential threat.
- Analyse security alerts and determine their validity and potential impact on the organization.
- Review and analyse security logs from various sources (e.g., firewalls, intrusion detection/prevention systems, and endpoint protection).
- Correlate logs from various security controls to gather more insight into the suspected event.
- Regularly prepare log monitoring reports and the daily security report, and proactively act on them.
- Document security incidents, including the steps taken to resolve them and any lessons learned.
- Ensure compliance with security policies, procedures, and regulatory requirements.
- Work closely with other IT and security team members to enhance the overall security posture.
- Coordinate with L2 and L3 for any escalations.
- Knowledge of the cyber kill chain and the MITRE ATT&CK framework and methodologies.
- Knowledge of the various cyber attacks seen in the cyber security world.

Certifications: LogRhythm Security Analyst (LRSA) from LogRhythm University; CEH.

Posted 3 months ago


4.0 - 7.0 years

6 - 9 Lacs

Kolkata, Mumbai, New Delhi

Work from Office

SOC Analyst - L3 (Full time). Location: Chennai, Tamil Nadu, India, 600119. Industry: IT Services. Date opened: 2025-05-07.

The SOC L3 Analyst is a senior member of the Security Operations Center team, responsible for advanced threat analysis, incident response, and security operations. This role involves leading investigations, developing detection capabilities, and mentoring junior analysts. The ideal candidate should possess deep technical expertise in cybersecurity, excellent problem-solving skills, and the ability to make critical decisions in high-pressure situations.

Key Responsibilities:
- Lead advanced investigations of security incidents and perform root cause analysis.
- Develop and fine-tune detection rules and security use cases for SIEM and other security tools.
- Collaborate with threat intelligence teams to correlate data and identify emerging threats.
- Conduct threat hunting activities to proactively identify suspicious behavior and vulnerabilities.
- Design and implement incident response processes and playbooks.
- Serve as an escalation point for L1 and L2 analysts for complex security issues.
- Ensure timely and accurate documentation of incidents, findings, and remediation steps.
- Collaborate with engineering and IT teams to improve security posture and harden systems.
- Provide mentorship and training to junior SOC team members.

Required Skills/Technologies/Tools:
- Extensive experience with Security Information and Event Management (SIEM) tools like Splunk, Sentinel or ELK.
- In-depth knowledge of cybersecurity frameworks like MITRE ATT&CK and the cyber kill chain.
- Advanced understanding of networking protocols, firewalls, and intrusion detection systems.
- Strong expertise in incident response, digital forensics, and malware analysis.
- Hands-on experience with endpoint detection and response (EDR) and threat intelligence platforms.
- Proficiency in scripting languages (Python, PowerShell, or Bash) for automation and analysis.
- Excellent analytical, troubleshooting, and problem-solving skills.
- Ability to communicate complex technical issues clearly to both technical and non-technical stakeholders.

Good to have Technologies/Tools:
- Knowledge of security orchestration, automation, and response (SOAR) platforms.
- Experience with reverse engineering and advanced malware analysis techniques.
- Hands-on experience with data loss prevention (DLP) and endpoint protection platforms.
- Familiarity with case management tools and digital forensic tools.
- Hands-on experience with vulnerability management and threat intelligence platforms.
- Any relevant cybersecurity certifications.

Posted 3 months ago


6.0 - 7.0 years

15 - 17 Lacs

Hyderabad

Work from Office

Some careers shine brighter than others. If you're looking for a career that will help you stand out, join HSBC and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further. HSBC is one of the largest banking and financial services organisations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realise their ambitions.

We are currently seeking an experienced professional to join our team in the role of SENIOR SOC ANALYST.

In this role, you will: The primary responsibilities of the Senior SOC Analyst are:
- Monitoring the entire global HSBC technology and information estate for new attacks and logging them to the appropriate systems.
- Triaging potentially malicious events to determine the severity and criticality of the event.
- Responding to alerts from the various monitoring/detection systems and platforms within defined SLAs.
- Following detailed processes and procedures to analyse, respond to and/or escalate cyber security incidents.
- Supporting cyber security incidents through to eradication and feeding lessons learned back into improved cyber resilience.
- Analysing network traffic using a variety of analysis tools.
- Monitoring security appliance health and performing basic troubleshooting of security devices; notifying security engineering as necessary for malfunctioning equipment.
- Analysing malicious artefacts obtained from network monitoring with a focus on generation of threat intelligence and service improvement.
- Identifying and developing new ideas to enhance our detection capability (Use Cases) and mitigations (Playbooks) across the security platforms.
- Reviewing and validating new Use Cases and Playbooks created by Cybersecurity colleagues.
- Researching emerging threats and vulnerabilities to aid in the identification of cyber incidents.
- Applying structured analytical methodologies to maximize threat intelligence growth and service efficacy.
- Supporting handovers to other teams and countries at the start and end of the working shift.
- Contributing to the continued evolution of hunting, monitoring, detection, analysis and response capabilities and processes.
- Training, developing and mentoring colleagues in area(s) of specialism.
- Collaborating with the wider Cybersecurity (and IT) teams to ensure that the core, underlying technological capabilities that underpin an effective and efficient operational response to current and anticipated threats and trends remain fit for purpose.
- Identifying processes that can be automated and orchestrated to ensure maximum efficiency of Global Cybersecurity Operations resources.
- Promoting a self-critical and continuous assessment and improvement culture whereby weaknesses in the bank's control plane (people, process, and technology) are brought to light and addressed in an effective and timely manner.
- Supporting engagement with HSBC Global Businesses and Functions to drive a global uplift in cyber-security awareness and help to evangelise HSBC Cybersecurity efforts and success.

Requirements. To be successful in this role, you should meet the following requirements:
- Experience working with Microsoft Identity technologies.
- Good investigative skills and insatiable curiosity.
- Instinctive and creative, with an ability to think like the enemy.
- Strong problem-solving and troubleshooting skills.
- Strong communication and interpersonal skills, with proven ability to communicate technical topics to diverse audiences.
- Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one.
- Ability to learn quickly through hands-on experience.
- Experience defining and refining operational procedures, workflows, and processes to support the team in consistent, quality execution of monitoring and detection.
- An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business.
- An understanding of organizational mission, values and goals and consistent application of this knowledge.
- Self-motivated and possessing a high sense of urgency and personal integrity.
- Highest ethical standards and values.
- Knowledge of cyber security principles, global financial services business models, regional compliance regulations and laws.
- Good understanding and knowledge of common industry cyber security frameworks, standards and methodologies, including OWASP, ISO 2700x series, PCI DSS, GLBA, EU data security and privacy acts, FFIEC guidelines, CIS and NIST standards.

Posted 3 months ago


8.0 - 10.0 years

8 - 18 Lacs

Bengaluru

Work from Office

Tata Elxsi is a global design and technology services leader for Automotive, Media, Communications and Healthcare. The Company helps customers reimagine their products and services through design thinking and application of digital technologies such as IoT (Internet of Things), Cloud, Mobility, Virtual Reality, and Artificial Intelligence.

Roles and Responsibilities:
- Overseeing the 24x7x365 Security Operation Center's processes, technology and people who monitor security tools, assess threats, and assess risks involving client infrastructure and orchestration.
- Lead and manage the Security Operations Center (SOC) team, providing direction, guidance, and support to ensure the team's effectiveness and productivity, with in-depth knowledge of security operations, incident response methodologies, and security technologies (SIEM, IDS/IPS, EDR, etc.).
- Responsible for ensuring that all Managed Service deliverables are produced on time and within strict SLA time frames, while maintaining an innovative growth culture within the SOC team.
- Expected to act as the escalation point for the SOC technical team, managing priorities, providing recommendations and implementing changes to methods/processes.
- Handle client meetings, act as point of contact for client requirements, and onboard new clients.
- Manage relationships with our customers' in-house operations teams and lead operational interactions/cadence with client management.
- Provide direction and vision to improve the SOC's effectiveness, including motivating people to perform, listening to the team, providing feedback, recognizing strengths, identifying automation opportunities, reducing alert fatigue and providing adequate challenges to staff to maintain an innovative growth culture.
- Oversee the management of our existing Managed Security Operations managed SIEM and EDR solutions, ensuring their optimal performance and effectiveness in detecting and responding to security incidents.
- Collaborate with the SOC analysts and engineering team to define and implement SIEM rules, alerts, and correlation logic to improve the accuracy and efficiency of threat detection.
- Develop and implement SOC strategies, policies, and procedures to enhance the organization's security posture and incident response capabilities.
- Oversee the monitoring and analysis of security events and incidents, ensuring timely detection, investigation, and response to potential threats or vulnerabilities.
- Take a proactive role in utilizing Threat Intelligence and Threat Hunting activities, ensuring the SOC is ahead of potential security threats.
- Establish and maintain relationships with external partners, vendors, and industry peers to stay updated on emerging threats, best practices, and industry trends.
- Conduct regular assessments and audits of SOC processes, systems, and controls to identify areas for improvement and ensure compliance with regulatory requirements.
- Develop and deliver comprehensive reports and metrics on SOC performance, including incident trends, response times, and effectiveness.
- Stay abreast of the evolving cybersecurity landscape, emerging threats, and industry standards, providing recommendations for proactive security measures and continuous improvement of the SOC.

Requirements:
- Proven expertise in MDR and Managed SIEM, with a strong preference for experience with leading market vendors.
- Strong networking concepts, including an in-depth understanding of TCP/IP protocols, firewall configuration, network segmentation, VPNs, etc.
- Strong understanding of Threat Intelligence, Threat Hunting, Vulnerability Management, and risk assessment frameworks.
- Knowledge and hands-on experience of implementation and management of IDS/IPS, Firewall, VPN, and other security products.
- Experience with open-source Security Information and Event Management (SIEM) tools: creating advanced correlation rules, administration of SIEM, system hardening, and Vulnerability Assessment.
- Strong background and expertise in various security technologies including endpoint security, perimeter security, advanced threat protection, and security monitoring.

Certifications: CISSP, CISM, CEH, OSCP, or equivalent are highly desirable; ITIL or equivalent.

Posted 3 months ago


4.0 - 9.0 years

10 - 17 Lacs

Bengaluru

Work from Office

Hiring for SOC Analyst. Experience: 6+ years.
Position Title: SOC Analyst
Experience: 4+
Skills: SOC
Work location: Bangalore
Shift: Rotational 24/7
If interested, please share your profile on ekta11.kumari@global.ntt with the following details: Total exp, Rel Exp, NP, C CTC, E CTC, C Location.

Posted 3 months ago


0.0 - 1.0 years

0 Lacs

Sahibzada Ajit Singh Nagar

Work from Office

What is a SOC analyst? In basic terms, SOC analysts can be understood as the first point of contact for any incident/threat. SOC stands for Security Operations Center, and it consists of multiple analysts who work 24x7 rotational shifts to fight against threats that could harm an organization. A SOC analyst is generally responsible for assessing the endpoints and looking for vulnerabilities using various tools and technologies. However, the role of a SOC analyst is not limited to this.

SOC Analyst Job Duties and Responsibilities:
- Evaluate critical security incidents using detection tools.
- Investigate event alerts and logs from multiple endpoints.
- Analyze and correlate logs from the firewall, IDS/IPS, AVs, O365, etc.
- Work in a 24x7 proactive environment and respond to security alerts.
- Document and report incidents/offenses to the clients.
- Use endpoint detection tools to detect malware across the client's environment.
- Maintain and send monthly and weekly reports and other client-specific documentation.
- Work on industry-standard SIEM solutions to analyze incidents and create complex indexed searches.
- Use analytical skills to whitelist false-positive incidents.
- Keep yourself updated on security news/vulnerabilities and compose a set of Use Cases.
- Use basic scripting knowledge to automate processes.
- Onboard new clients from scratch and configure their network environment.
- Identify compromised endpoints by analyzing payloads/logs and notify clients.
- Work on the latest security technologies, including email filtering, compliance and patch management, syslog management, MDR, and SIEM.

Posted 3 months ago


0.0 - 2.0 years

2 - 4 Lacs

Kochi, Thrissur, Kozhikode

Work from Office

Qualification: B.Sc/M.Sc (computer science/IT) / BCA / MCA / Engineering.
Certification: CEH/SIEM certification or any cybersecurity certification.

The key responsibilities of the L1 SOC Operator are:
1. Monitor dashboards and rules triggered by QRadar to invoke the incident handling process.
2. Monitor the health of QRadar by looking into the respective administrative dashboards.
3. Acknowledge the offenses and alerts generated by QRadar.
4. Perform initial analysis of the offenses triggered, or anomalies observed on the dashboards, before sending them to the SOC Analyst and IS Security Team.
5. Gather necessary information from QRadar with respect to the case which would serve as evidence and aid the SOC Analyst in further investigation of the case.
6. Report the offenses triggered in the form of cases to the SOC Analyst for incident validation.
7. Follow up on the case/incident to effectively resolve it in the ticketing tool.
8. Track the lifecycle of the entire case/incident to effectively resolve the case/incident.
9. Assist the SOC Analyst by providing necessary information in managing the case/incidents.
10. Consolidate the information gathered from the automatically generated reports from NetWitness and submit it to the SOC Analyst for review.
11. Ensure that daily, weekly and monthly reports are generated, prepared and sent to the concerned personnel within agreed timelines.
12. Take regular backups of QRadar and SOC/IS Security devices as per the defined schedule.
13. Follow the shift handover process and maintain the incident database.
14. Track server shutdowns, blocked IPs and log sources not reporting to QRadar.

Posted 3 months ago


5.0 - 8.0 years

15 - 18 Lacs

Hyderabad, Bengaluru

Work from Office

We are currently seeking a SOC Analyst for our Bengaluru/Hyderabad location. Kindly add a few profiles by EOD.

Responsibilities of the SOC analysts:
- Surveillance of an Organization's Networks and Systems: Monitor the WxCCE cloud offering, including security systems, applications, and networks, to detect irregularities indicating a potential breach or attack.
- Identify, Assess, and Mitigate Security Threats in Real Time: Upon identifying a threat, work with WxCCE teams to determine the cause of the anomaly and take preventive measures to avoid future occurrences.
- Incident Response and Investigation: Collaborate with team members to investigate incidents thoroughly before reporting to the authorities if needed.
- Collaborate With Other Team Members to Implement Security Procedures, Solutions, and Best Practices: Work with their teams to implement and update security systems and procedures to ensure ongoing safe and secure operations within the organization.

Certification/Requirements: Bachelor's degree in computer engineering or a similar field. Any of the following certifications is a plus:
- Certified Ethical Hacker (CEH)
- Computer Hacking Forensics Investigator (CHFI)
- EC-Council Certified Security Analyst (ECSA)
- Licensed Penetration Tester (LPT)
- CompTIA Security+
- CompTIA Cybersecurity Analyst (CySA+)
Familiarity with Exabeam SIEM technology is a plus.

Posted 3 months ago


3 - 6 years

10 - 11 Lacs

Noida

Work from Office

Job Title: SOC Analyst
Organization Name: NEC India
Reporting Relationship: IT BU

Role Summary:
- Familiarity with SIEM tools (e.g., Splunk, ManageEngine).
- Knowledge of networking fundamentals, security protocols, and incident response.
- Understanding of malware, phishing, and other attack vectors.
- Strong analytical thinking and problem-solving abilities.
- Incident response and reporting.

Responsibilities:
- Monitor security alerts and events through SIEM and other security platforms.
- Investigate suspicious activity and escalate incidents as needed.
- Perform initial triage and classification of security events.
- Collaborate with internal teams to contain and remediate threats.
- Conduct root cause analysis and document findings.
- Stay updated with emerging threats and vulnerability trends.

Prerequisites: Qualification - B.Sc / M.Sc / B.Tech / BE / BCA / MCA, BA, B.Com. The ideal candidate should have a minimum of 3-6 years' experience. Base Location: Noida, but flexible to travel.

Specialization Description: General IT Applications Development includes analysis, programming, and configuration of end-user applications and/or systems software, including: analyzing detailed business/functional/technical requirements and specifications for the application; coding internally developed applications and/or configuring commercial-off-the-shelf (COTS) applications using programming, scripting, and database languages; supporting application testing, deployment, maintenance, and evolution activities by correcting programming errors, responding to scope changes, and coding application enhancements.

Level Description: Senior-level professional that applies advanced knowledge of the job area, typically obtained through advanced education and work experience. Works independently, overseeing and managing projects/processes with limited supervision. Problems faced are difficult and sometimes complex, though routine. Coaches and reviews the work of lower-level professionals.

Headquartered in Japan, NEC is a leader in the integration of IT and network technologies. With over 123 years of expertise in providing solutions for empowering people, businesses, and society, NEC stands tall as a champion in enabling change and transformation across the globe. Present in India since 1950, NEC has been instrumental in burgeoning India's digitization journey continually for the past 70 years. NEC India has proved its commitment to orchestrating a bright future through its diverse businesses from Telecommunications to Public Safety, Logistics, Transportation, Retail, Finance, Unified Communication and IT platforms, serving across the public and private sectors. NEC India, through the deployment of cutting-edge technology, has been powering India in seminal ways, making lives easier, safer, and more productive for all. With its Centre of Excellence for verticals like Analytics platform solutions, Big Data, Biometrics, Mobile and Retail, NEC India brings to the table innovative, seamless solutions for India and across the world. NEC India is headquartered in New Delhi and has its offices spread across the country. It has branches in Ahmedabad, Bengaluru, Chennai, Mumbai, Noida and Surat.

Specialties: IT & Networking Solutions, Unified Communication Solutions, Safety and Security Solutions, Integrated Retail Solutions, Data Centre Solutions, Safe and Smart City Solutions, Transportation Solutions, SDN Solutions, Carrier Telecom Solutions, and Solutions for Society.

NEC Career Site - LinkedIn. NEC Corporation Career Site Home Page: visit our Career Site to find jobs across the world with NEC, and learn about our strong culture of inclusion and diversity and how we support society.

Posted 4 months ago


3 - 6 years

4 - 9 Lacs

Hyderabad, Bengaluru, Delhi / NCR

Hybrid

Key Responsibilities

Infrastructure Management:
- Install, configure, and maintain SOC lab hardware and software in a highly virtualized environment, including servers, workstations, network devices, and security appliances.
- Perform regular system updates, patches, and upgrades to ensure security and performance.
- Monitor system performance and troubleshoot issues to minimize downtime.

Lab Environment Configuration:
- Set up and maintain a variety of security tools and platforms used for training, testing, and simulation purposes.
- Create and manage virtual environments to emulate different network configurations and scenarios for training and testing.

Security and Compliance:
- Implement and enforce security policies and procedures within the lab environment.
- Conduct regular security audits and vulnerability assessments to identify and mitigate risks.
- Ensure compliance with industry standards and regulatory requirements.

Technical Support and Training:
- Provide technical support to SOC analysts and other staff using the lab environment.
- Assist in the development and delivery of training programs for SOC personnel on new tools, technologies, and procedures.

Documentation and Reporting:
- Maintain detailed documentation of the lab infrastructure, including network diagrams, configuration settings, and inventory lists.
- Prepare reports on lab usage, performance metrics, and maintenance activities.

Collaboration and Innovation:
- Work closely with SOC analysts, engineers, and management to understand their needs and incorporate feedback into lab improvements.
- Stay informed about emerging technologies and security trends to propose and implement innovative solutions in the lab.

Qualifications:
- Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
- Relevant certifications (e.g., CompTIA Network+, Security+, Cisco CCNA, RHCE) are a plus.
- Experience with network administration, system administration, and security technologies.
- VMware virtualization, vCenter Server Appliance and virtual networking.
- Experience with both Linux and Windows Server/Desktop operating systems and cloud services (Azure, AWS).
- Strong problem-solving skills and attention to detail.
- Excellent communication and interpersonal skills.

Posted 4 months ago


1.0 - 6.0 years

3 - 8 Lacs

Bengaluru, Delhi / NCR

Hybrid

Job Description: SOC L1 Analyst
Entry-level cybersecurity analyst focused on triage, monitoring, and basic incident handling within Microsoft Purview environments.

Key Responsibilities:
- Monitor alerts from DLP, CASB, SIEM, UEBA, ATP, IRM, and other Microsoft Purview-integrated tools.
- Perform initial triage and escalate incidents as per defined protocols.
- Generate and distribute daily/weekly reports on alert volumes and false positives.
- Assist in insider threat investigations and document findings.
- Support data flow visualization and tagging of sensitive data.
- Participate in OEM support calls and track ticket status.

Skills & Qualifications:
- Basic understanding of Microsoft Purview components (DLP, IRM, Insider Risk).
- Familiarity with SIEM tools and incident response workflows.
- Strong analytical and documentation skills.
- Exposure to dashboards and reporting tools.
- Bachelor's degree in IT, Cybersecurity, or a related field.

Job Description: SOC L2 Analyst
Mid-level cybersecurity analyst responsible for advanced triage, investigations, and compliance reporting using Microsoft Purview.

Key Responsibilities:
- Lead triage and resolution of complex incidents across Purview-integrated platforms.
- Conduct insider threat investigations and behavioral anomaly analysis.
- Generate monthly triage metrics (MTTR, top violators, coached users).
- Perform data flow analysis and identify control gaps.
- Support maturity assessments and recommend remediation strategies.
- Liaise with OEMs and ensure SLA compliance.

Skills & Qualifications:
- Hands-on experience with Microsoft Purview (DLP, IRM, Insider Risk, eDiscovery).
- Proficiency in threat hunting, forensic analysis, and risk modelling.
- Experience with GenAI usage tracking and dashboard maintenance.
- Strong understanding of compliance frameworks (HIPAA, RBI, IRDAI).
- Bachelor's degree with relevant certifications (e.g., Microsoft SC-200, SC-400).

Posted Date not available


3.0 - 8.0 years

7 - 14 Lacs

Pune

Remote

Role & responsibilities

Security Monitoring & Triage:
- Monitor alerts from SIEM, EDR (CrowdStrike), CASB (Netskope), and OT security tools (e.g., Ordr).
- Perform initial triage and escalate incidents based on severity and impact.

Incident Investigation & Response:
- Conduct in-depth analysis of security events across IT and OT networks.
- Lead containment, eradication, and recovery efforts for confirmed threats.
- Document incidents, root cause analysis, and lessons learned.

Threat Hunting & Detection Engineering:
- Proactively hunt for threats using MITRE ATT&CK and threat intelligence.
- Develop and fine-tune detection rules and response playbooks.

Vulnerability Management:
- Analyze vulnerability scan results and coordinate remediation with IT/OT teams.
- Track patching and mitigation efforts across environments.

Automation & Scripting:
- Create scripts and automation workflows (Python, PowerShell, Bash) to improve SOC efficiency.
- Support SOAR platform integration and playbook development.

Collaboration & Communication:
- Work closely with IT, OT, and engineering teams to secure industrial systems.
- Provide mentorship to junior analysts and contribute to knowledge sharing.
- Escalate critical issues clearly and effectively to leadership.

Required Skills & Knowledge:
Strong understanding of:
- Operating systems: Windows, Linux, macOS, and embedded OT systems.
- Networking: TCP/IP, VLANs, VPNs, firewalls, and industrial protocols (Modbus, OPC, DNP3).
- Security tools: CrowdStrike, Netskope, Ordr, FortiGate.
Proficiency in scripting and automation (Python, PowerShell, Bash). Familiarity with vulnerability management tools. Knowledge of cybersecurity frameworks (MITRE ATT&CK, NIST CSF, ISO 27001). Strong analytical, problem-solving, and communication skills.

Posted Date not available


8.0 - 12.0 years

15 - 30 Lacs

Bengaluru

Hybrid

Warm Greetings from SP Staffing!!
Role: SOC Analyst
Experience Required: 8 to 12 yrs
Work Location: Bangalore
Required Skills: L3 Incident Management, EDR, SIEM, Threat intelligence
Interested candidates can send resumes to nandhini.spstaffing@gmail.com

Posted Date not available


2.0 - 6.0 years

4 - 8 Lacs

Chennai

Work from Office

Job Description

We are looking for a hybrid expert in cybersecurity operations and AI engineering to lead the development, customization, and operationalization of AI-powered SOC automation systems. This role will bridge the gap between frontline SOC operations and backend AI/ML capabilities, driving intelligent alert triage, threat detection, and incident response automation through tools like Intezer, Cortex XSOAR, and custom AI pipelines. You will play a key role in both defending the organization and building the intelligent systems that scale our defenses.

SOC & Threat Detection (Analyst Responsibilities):
- Monitor and triage security alerts using AI-assisted tooling.
- Analyze, investigate, and escalate incidents using threat intel and log data.
- Provide threat context, root cause analysis, and response recommendations.
- Fine-tune detection rules, behavioral baselines, and IOC correlations.
- Serve as SME for SOC use cases and automation requirements.

AI Engineering & Automation:
- Design and maintain ML models for anomaly detection, classification, and triage.
- Build automation workflows using SOAR platforms (e.g., Cortex XSOAR).
- Integrate AI models with SIEM, EDR, TIP, and other SOC data sources.
- Develop feedback loops based on SOC analyst input and incident data.
- Reduce false positives/negatives through intelligent alert enrichment.

Collaboration & Strategy:
- Collaborate with threat intel, IR
- Drive innovation in SOC tooling through automation and AI.
- Maintain documentation, model explainability, and audit readiness.
- Stay ahead of adversarial threats and AI misuse in cyber contexts.

Qualifications (Must-Have):
- 3+ years in a SOC Analyst, Incident Responder, or Threat Hunter role.
- 2+ years developing or applying AI/ML in a cybersecurity or security automation c

Posted Date not available


1.0 - 6.0 years

4 - 7 Lacs

Gurugram

Work from Office

- SIEM Implementation: Design, configure, and manage SIEM solutions to monitor and analyze security events effectively.
- Threat Detection: Conduct threat hunting and develop use cases to identify and mitigate potential vulnerabilities.
- Incident Response: Monitor alerts, perform root cause analysis, and implement corrective actions for security incidents.
- Integration and Collaboration: Work with IT and security teams to integrate SIEM with other tools and systems seamlessly.
- Documentation and Training: Maintain security documentation and provide training to promote a culture of security awareness.
- Continuous Improvement: Stay updated on emerging threats and technologies to enhance the organization's security posture.

Posted Date not available


2.0 - 5.0 years

4 - 7 Lacs

Bengaluru

Work from Office

Number of Openings: 1
ECMS ID in sourcing stage: 535887
Assignment Duration: 6 months
Total Yrs. of Experience: 6+ Years
Relevant Yrs. of Experience: 6+

Detailed JD (Roles and Responsibilities) / Mandatory Skills:
Security monitoring support (L2/L2.5 Analyst) via the Sentinel console and multiple dashboards, and incident response support from ServiceNow.
(a) Phishing alert investigation in the Office 365 console for pending action.
(b) MDATP mailbox investigation on user-reported phishing on a day-to-day basis.
(c) Bi-weekly and monthly reports.
(d) Resolution of security incidents triggered by the SOC team (BVSOC Team) to other resolver groups.
(e) Triaging of true-positive incidents for further investigation and providing recommendations.
(f) Escalating high-priority tickets to the Client IR team and working with them till closure.
(g) L2 profiles with good hands-on experience on any SIEM tool along with experience in Email Security and Endpoint Security (EDR).

Other Requisites: 1. Willing to work in rotational shifts including night shifts. Client interview mandatory.
Mandatory skills: SOC Analyst
Domain: Cyber Security
Max Vendor Rate in Per Day (currency in relevance to work location): INR 8307
Work Location given in ECMS ID: Bangalore/Pune/Hyderabad
WFO/WFH/Hybrid: WFO Hybrid WFO
BG Check (Before OR After onboarding): Pre Onboarding
Is there any working in shifts from standard daylight (to avoid confusion post onboarding) YES/NO: Yes

Posted Date not available

Page 3 of 3