Posted: 23 hours ago
Platform: On-site
Part Time
We are seeking a highly skilled and proactive Senior SOC Analyst to join our team and manage our cybersecurity defense capabilities. The ideal candidate will have hands-on expertise in IBM QRadar SIEM, UEBA, Deception technologies, SOC Radar (or similar DRP tools) and SOC operations, along with a strong command of Python scripting.
This role is responsible for end-to-end threat detection, investigation, response and mitigation across the enterprise, with an additional focus on Dark Web and Brand Protection monitoring, SIEM integration and validation and proactive threat hunting. The analyst will work closely with cross-functional stakeholders to ensure timely remediation of threats and resolution of anomalous activities.
The selected resource will also be actively involved in evaluating and implementing Proof of Concept (PoC) solutions and supporting the rollout of new security technologies and integrations within the environment.
Python scripting experience is mandatory for automating detection use cases, integrating disparate security tools and optimizing SOC workflows.
________________________________________
Key Responsibilities:
SIEM Management & Integration:
Monitor and manage the integration and validation of all enterprise infrastructure (servers, endpoints, databases, applications, cloud workloads and security tools) with IBM QRadar SIEM.
Ensure comprehensive and accurate log ingestion from all critical assets.
Develop and tune correlation rules, dashboards and custom detection use cases.
Maintain and document all log source integrations and ensure ongoing operational health.
Security Monitoring & Incident Handling:
Actively monitor alerts and offenses generated by QRadar, SOC Radar, UEBA and Deception technologies.
Investigate and analyze suspicious behavior and escalate legitimate threats.
Coordinate with internal teams and stakeholders (IT, App, Infra, Risk, Compliance) to validate and remediate threats or abnormal activity.
Lead incident response, documentation and reporting for confirmed incidents.
Dark Web & Brand Monitoring (SOC Radar):
Use SOC Radar (or similar tools) to detect brand abuse, credential leaks, phishing campaigns, data exposure and executive impersonation.
Validate and enrich findings with internal context, then coordinate with stakeholders for mitigation and takedown efforts.
UEBA & Deception Monitoring:
Analyze behavioral anomalies and deceptive signals to detect insider threats, compromised accounts, or lateral movement.
Investigate findings from UEBA and deception systems and take appropriate remediation steps in coordination with relevant business units.
Threat Hunting & Automation:
Conduct proactive threat hunts based on IOCs, TTPs, threat actor activity, and behavioral patterns.
Leverage Python scripting for automation, enrichment, correlation and tool integration to improve efficiency and detection fidelity.
Contribute to the development of internal scripts and tools to streamline security operations.
Core Responsibilities
24/7 Incident Response: Immediate support during security breaches with a 1-hour SLA
Threat Containment & Root Cause Analysis: Isolate malicious activity, identify breach sources, and assess impact
Forensic Investigations: Conduct static and dynamic malware analysis, sandboxing, and IOC (Indicators of Compromise) identification
Incident Classification & Prioritisation: Evaluate scope, impact, and criticality to determine escalation paths
Reporting: Generate detailed incident reports including timelines, compromised assets, MITRE TTPs, and recommendations
Team Coordination
Collaborate with CTI Analysts, SOC Specialists, and Threat Hunters to execute response plans
Liaise with clients for DFIR activation and updates
Duties & Responsibilities
Monitor network/system logs for suspicious activity.
Investigate alerts and perform digital forensics.
Develop and execute incident response plans.
Coordinate with IT/security teams to contain threats.
Document incidents and maintain response databases.
Conduct post-incident reviews and recommend improvements.
________________________________________
Required Skills & Experience:
Minimum 5 years of experience in a SOC, Threat Intelligence, or Cybersecurity Analyst role.
Proven hands-on experience with IBM QRadar SIEM (log integration, AQL, custom rules).
Strong experience with SOC Radar or similar DRP/Digital Risk Protection platforms.
Deep understanding and practical usage of UEBA and Deception technologies.
Python scripting expertise is mandatory - ability to write scripts for automation, threat analysis, and system integrations.
Strong grasp of MITRE ATT&CK, cyber kill chain, and advanced threat actor tactics.
Excellent incident analysis, communication, documentation, and stakeholder management skills.
________________________________________
Preferred Qualifications:
Industry certifications such as GCIA, GCIH, CEH, CISSP, CyS
Tags: incident management, incident response, siem, mitre att&ck
UST Global