SOC SupportL2/L3

Teamware Solutions

2 - 5 years

3 - 6 Lacs

Noida Uttar Pradesh India

Posted:1 day ago| Platform: Foundit logo

Apply

Skills Required

L2/L3 support forensic analysis

Work Mode

On-site

Job Type

Full Time

Job Description

SOC Support L2/L3 Analyst

Key Responsibilities

Perform
advanced security monitoring and analysis
of security events from various sources (SIEM, EDR, network logs, etc.) to detect and identify potential threats, intrusions, and anomalies.
Lead
incident response activities
for complex security incidents (e.g., malware outbreaks, phishing campaigns, unauthorized access), from initial triage and containment to eradication and recovery.
Conduct
in-depth forensic analysis
on compromised systems to determine root causes, attack vectors, and impact.
Develop and refine
SIEM correlation rules, alerts, and dashboards
to enhance threat detection capabilities.
Provide
L2/L3 support
for security incidents, acting as an escalation point for junior analysts and guiding their investigations.
Research emerging threats, vulnerabilities, and attack techniques, and propose proactive mitigation strategies.
Create detailed
incident reports, post-mortem analyses, and remediation plans
.
Collaborate with IT, network, and application teams to implement security controls and improve overall security posture.

Qualifications

Proven experience in a
Security Operations Center (SOC) role at L2 or L3 level
.

Skills Required:

Strong expertise in SIEM platforms
(e.g., Splunk ES, Microsoft Sentinel, IBM QRadar, Elastic SIEM) for security event monitoring, correlation, and analysis.
Hands-on experience with
Incident Response methodologies
and tools.
Proficiency in
network security concepts
(firewalls, IDS/IPS, VPNs),
endpoint security (EDR/XDR)
, and cloud security principles.
Solid understanding of common
cyberattack techniques, tactics, and procedures (TTPs)
, including MITRE ATT&CK framework.
Experience with
forensic analysis tools
and techniques for host and network forensics.
Knowledge of scripting languages (e.g., Python, PowerShell) for automation and analysis.
Excellent analytical, problem-solving, and communication skills to articulate complex security issues.
Relevant cybersecurity certifications (e.g., CompTIA CySA+, SANS GCIH, GCFA, CEH, SC-200, SC-900).

Preferred Skills:

Experience with cloud security monitoring in platforms like AWS, Azure, or GCP.
Familiarity with threat intelligence platforms and frameworks.
Knowledge of compliance standards (e.g., ISO 27001, NIST, GDPR).
Experience with vulnerability management and penetration testing concepts.

Mock Interview

Practice Video Interview with JobPe AI

Start Job-Specific Interview

Start Your Job Search Today

Browse through a variety of job opportunities tailored to your skills and preferences. Filter by location, experience, salary, and more to find your perfect fit.