SOC Analyst L2

As an L2 SOC Analyst specializing in LogRhythm SIEM, your role will involve strengthening the Security Operations Center in Mumbai. With 2 to 5 years of hands-on experience in security monitoring and incident analysis, particularly focusing on LogRhythm SIEM, you will play a crucial part in the in-depth analysis, incident investigation, escalation, and coordination with response teams. Your key responsibilities will include monitoring, analyzing, and triaging security alerts from LogRhythm SIEM and other security platforms. You will be responsible for investigating and validating security incidents with detailed analysis and impact assessment, conducting threat hunting, and advanced log correlation as per SOC playbooks. Additionally, you will respond to incidents following defined escalation matrices, perform root cause analysis, recommend containment and mitigation actions, and provide guidance and mentorship to L1 SOC Analysts for escalated incidents. Moreover, you will prepare incident reports, analysis summaries, and dashboards for management, monitor and report SIEM health, log source integration issues, and tuning requirements. Your role will also involve participating in the continuous improvement of detection rules and SOC processes. Being ready to work in 24x7 rotational shifts with a constant readiness for critical incident handling is essential for this position. To excel in this role, you should possess 2 to 5 years of SOC operations experience, with a specific focus on SIEM monitoring and incident handling. Strong hands-on experience with LogRhythm SIEM is mandatory, in addition to a good understanding of security threats, attack vectors, malware behavior, and common vulnerabilities. Practical experience in analyzing logs from firewalls, IDS/IPS, endpoint security, and cloud platforms is required, along with familiarity with the MITRE ATT&CK framework and the usage of threat intelligence. Furthermore, you should exhibit strong analytical thinking, incident response capabilities, and problem-solving skills. Effective communication skills for incident reporting and escalation are essential for this role. Preferred certifications include LogRhythm Certified Deployment Engineer (LCDE) or LogRhythm Certified SOC Analyst (LCSA), while certifications such as CompTIA Security+, CEH, CySA+, or equivalent security certifications are optional. Any threat hunting or incident response certification would be considered a plus. This is a full-time role based at the Mumbai SOC facility, requiring you to work in 24x7 rotational shifts, including nights and weekends.,