SOC L2/L3 Professional

Job Description

Here's a reframed job description for a SOC L2/L3 Professional, tailored to your specifications: SOC L2/L3 Professional Location: Bengaluru Experience: 4-6 Years We are looking for a skilled and dedicated SOC L2/L3 Professional with 4-6 years of hands-on experience in a Security Operations Center (SOC) or security technology operations. Based in Bengaluru , you will play a critical role in our 24/7 security defense, contributing to the detection, analysis, and response to sophisticated cyber threats. You will be responsible for advanced incident analysis, threat hunting, and leveraging a wide array of security technologies to safeguard our clients environments. This role requires flexibility to work rotating shifts to ensure continuous support. Key Responsibilities: Perform advanced security incident analysis and response, escalating critical issues to relevant teams and management. Utilize Security Information and Event Management (SIEM) tools to monitor security alerts, investigate anomalies, and identify potential threats. Conduct in-depth analysis of security events from various sources including IDS/IPS, EDR, DLP, WAF, Proxies, and firewalls. Contribute to threat hunting initiatives using threat intelligence to proactively identify hidden threats and vulnerabilities. Operate and optimize security technologies such as Endpoint Detection and Response (EDR), Anti-Virus solutions, Sandboxing, and network/host-based firewalls. Understand and analyze Advanced Persistent Threat (APT) tactics, techniques, and procedures (TTPs) to enhance detection capabilities. Recognize and interpret various attack activities, including network probing/scanning, DDoS attacks, and malicious code activity. Collaborate with internal and external teams during incident response, providing technical expertise and guidance. Document incident details , remediation steps, and contribute to the continuous improvement of SOC processes and playbooks. Maintain up-to-date knowledge of the latest cybersecurity threats, vulnerabilities, and industry best practices. Required Qualifications: 4-6 years of demonstrable experience working in a Security Operations Center (SOC) or in a strong security technology operations role. Bachelor's degree in Computer Science, Information Security, or a related field is preferred. Willingness and ability to work shifts on a rotating basis to provide 24/7 support for clients. Mandatory Skills & Certifications: Certifications (one or more highly preferred): Certified Information Systems Security Professional (CISSP) GIAC Certified Intrusion Analyst (GCIA) GIAC Continuous Monitoring (GMON) Certified Ethical Hacker (CEH) Or equivalent industry-recognized security certifications. Security Technologies Expertise: Security Information and Event Management (SIEM) platforms. Intrusion Detection/Prevention Systems (IDS/IPS). Data Loss Prevention (DLP) solutions. Proxy and Web Application Firewalls (WAF). Endpoint Detection and Response (EDR) tools. Anti-Virus and Sandboxing technologies. Network- and host-based firewalls. Threat Intelligence platforms and their application. Exposure to Penetration Testing concepts and methodologies. Threat Intelligence Knowledge: Understanding of Advanced Persistent Threats (APT) tactics, techniques, and procedures (TTPs). Attack Recognition: Strong understanding of common attack activities such as network probing/scanning, DDoS attacks, and malicious code activity. Networking Fundamentals: Solid understanding of common network infrastructure devices (routers, switches) and basic networking protocols (TCP/IP, DNS, HTTP). Security Architecture: Basic knowledge in system security architecture and security solutions.