SOC L3 – SIEM, SOAR, Administrations ,Threat Hunting.

4 - 9 Years
1 Opening
Trivandrum

Job Title: L3 SOC Engineer

Work Location: Trivandrum

Job Summary:
We are seeking a highly skilled and detail-oriented L3 SOC Engineer to join our Security Operations Center (SOC) team. You will play a critical role in detecting, investigating, and responding to advanced security threats using a variety of tools and platforms. This role requires deep expertise in cybersecurity, incident response, and SOC operations, along with the ability to mentor team members and drive process improvements.

Key Responsibilities

• Monitor security events using SIEM and other tools to identify potential threats across the organization.
• Analyze, triage, and prioritize s to separate false positives from real security incidents.
• Act as an escalation point for critical security incidents and coordinate response activities.
• Perform in-depth incident investigations, including containment, eradication, and recovery.
• Block malicious IPs/domains, disable compromised accounts, and execute other containment actions.
• Conduct proactive threat hunting and log analysis to detect advanced threats.
• Perform daily health checks of SOC tools and monitoring infrastructure to ensure operational readiness.
• Maintain detailed and accurate incident documentation, logs, and reports.
• Follow established SOPs, playbooks, and incident response frameworks for consistent handling.
• Collaborate with IT, infrastructure, and security teams during investigations and remediation.
• Stay updated on evolving threats, TTPs (Tactics, Techniques, and Procedures), and security best practices.

Required Skills & Experience

• Experience: 4–7 years in SOC or Cybersecurity, with at least 2 years at an L3 level.
• Core Skills: SOC L3 operations, SIEM administration, incident response, and threat hunting.
• Tools & Platforms:
• SIEM: FortiSIEM, QRadar, Sentinel, Splunk, Google SecOps.
• SOAR: FortiSOAR, Google SOAR.
• Strong knowledge of attack patterns, IOCs, and APTs.
• Hands-on experience with system logs, network traffic analysis, and security tools.
• Proficiency in creating custom parsers, implementing SIEM/SOAR integrations, and writing runbooks/playbooks.
• Strong analytical, problem-solving, and communication skills.

Good-to-Have Skills

• Experience with DLP, PAM, EDR solutions.
• Familiarity with security frameworks (NIST, ISO 27001, MITRE ATT&CK, etc.).
• Ability to mentor and train junior SOC members.

Additional Responsibilities

• Lead war-room discussions and provide executive-level briefings during critical incidents.
• Identify process gaps and recommend improvements for detection and response capabilities.
• Ensure end-to-end management of high-severity incidents and document lessons learned.

Proactive threat hunting,

• Proficiency in creating custom parsers, implementing SIEM/SOAR integrations, and writing runbooks/playbooks.