SOC Analyst (L1)

Job Summary:

We are looking for a dedicated and analytical SOC Analyst (L1) to join our cybersecurity team. The selected candidate will be responsible for monitoring security alerts, analyzing incidents, and supporting incident response activities to ensure the organization's security posture remains strong. This role involves working with SIEM tools, IDS/IPS systems, and endpoint security platforms to detect and respond to threats in real time.

Key Responsibilities:

1. Monitor security systems and tools (SIEM, IDS/IPS, firewalls, EDR) for potential threats and suspicious activities.

2. Investigate anomalies, breaches, and alerts; support containment and mitigation activities.

3. Respond to incidents following established Incident Response (IR) procedures.

4. Coordinate with IT, SOC, and cybersecurity teams to enhance detection and remediation measures.

5. Contribute to improving security processes, playbooks, onboarding procedures, and best practices.

6. Participate in internal security audits and ensure compliance with standards such as ISO 27001, NIST, etc.

7. Conduct proactive threat hunting and identify potential Indicators of Compromise (IoCs).

8. Identify policy violations, suspicious behavior, and attack patterns as per MITRE ATT&CK.

Required Qualifications:

1. B.E/B.Tech / MCA / MBA / PG in Computer Science or related fields with (Minimum 60% aggregate or First Division).

2. Certifications related to SOC/SIEM/Incident Response CompTIA CySA+ (Cybersecurity Analyst), GCIH – GIAC Certified Incident Handler, GSOC – GIAC Security Operations Certified.

3. Any SIEM-specific certifications (Splunk, QRadar, Sentinel, etc.) are an added advantage.

Required Skills :

1. Hands-on experience in monitoring, analyzing, and responding to security alerts.

2. Working knowledge of SIEM tools, EDR solutions, IDS/IPS, and firewall logs.

3. Strong skills in log analysis, incident triage, threat detection, and escalation.

4. Familiarity with MITRE ATT&CK, IoC identification, malware behavior, and attack vectors. 5. Understanding of TCP/IP networking, firewall rules, and basic threat-hunting techniques.

6. Minimum 3 years of experience in a Security Operations Center (SOC) or similar cybersecurity environment.

7. Experience in Managing and maintaining SIEM platforms, Incident detection, analysis, and response ,Log analysis and threat investigation, Working with endpoint security, IDS/IPS, and network security tools.

Job Type: Full-time

Benefits:

• Provident Fund

Work Location: In person