Salary: 15,500 - 19,000
Role: Sr. SOC Analyst
Experience: 4 to 8 years
Location: Bangalore
Work mode: Work from Office (hybrid)
The candidate must be willing to work in the rotational shifts 24/7.
Job Description:
Skills and Experience:
• 4+ years of security operations experience.
• Correlate and analyse events using SIEM tools (Splunk, LogRhythm, QRadar, Stellar Cyber) to detect IT security incidents. Knowledge of network and endpoint security, threat intelligence, and vulnerabilities.
• Conduct analysis of log files, including forensic analysis of system resource access.
• Review customer reports to ensure quality and accuracy.
• Monitor multiple security technologies, such as SIEM, IDS/IPS, firewalls, switches, VPNs, networking and other security threat data sources.
• Knowledge of sandbox and malware analysis.
• Knowledge of the Cyber Kill Chain and MITRE ATT&CK frameworks.
• Ability to recognise possible attack activities, such as scans, man-in-the-middle, sniffing, DoS, DDoS, etc., and possible abnormal activities, such as worms, Trojans, viruses, etc.
• CCNA, CEH, CISSP, GCA, GCIA, GCIH or SANS certifications are preferred.
• High level of integrity, professionalism, and attention to detail.
• Ability to communicate complex security issues to peers and management alike.
• A motivated, self-managed individual who can demonstrate above-average analytical skills and work professionally with peers and customers, even under pressure.
Roles & Responsibilities:
• Senior-level SOC analyst, mentoring junior analysts. Develop and maintain SOC processes, playbooks, and standard operating procedures to ensure consistent and effective response to security events.
• Incident Analysis: Conduct detailed analysis of escalated security incidents. Coordinate end-to-end security incident management for escalated incidents, ensuring timely updates to stakeholders and efficient resolution through to root cause analysis (RCA).
• Threat Monitoring and Analysis: Monitor security alerts and events using SIEM and other security tools. Lead and coordinate proactive threat hunting to identify potential risks and vulnerabilities. Analyze and integrate threat intelligence feeds into the platforms and stay updated on emerging threats.
• Collaboration: Creatively solve problems in collaboration with SecOps, Platform, Delivery, IT and Engineering team members.
• Monitor and analyze security events to detect and respond to threats. Ensure timely and effective responses to security events, including root cause analysis, containment, eradication, and recovery. Coordinate with other departments, ensuring clear communication and alignment.
• Forensic Analysis: Perform forensic analysis and malware analysis of computers. Collect and analyze forensic artifacts, including memory and disk images, to identify malicious activity. Gather evidence for legal and investigative purposes.
• Continuously improve SOC operations by evaluating and implementing new tools, technologies, and methodologies. Automate workflows using PowerShell, regular expressions, and APIs.
• Integrate threat intelligence into SOC operations, ensuring that the team is aware of and prepared for emerging threats. Oversee the creation and refinement of detection rules, ensuring they are aligned with the MITRE ATT&CK framework. Lead efforts to identify gaps in monitoring and develop strategies to enhance detection capabilities.
• Work closely with the IT and cybersecurity teams to ensure alignment on security strategies and initiatives.
Qualifications:
• Education: Bachelor's degree in Information Technology, Computer Science, Business, or Engineering required, or equivalent experience.
• Certifications: Advanced certifications such as CISSP, OSCP, GCIH, GSOC or GCIA.
• Incident Response Experience: 4+ years of experience in cyber incident response and investigations.
• Strong interpersonal skills with the ability to collaborate well with others; strong written and verbal communication skills are required.
Key areas of focus:
• Experience in threat analysis and investigation
• Hands-on experience with any SIEM
• Must be available for 24/7 monitoring
• Experience in writing use cases
• Must have handled critical incidents
• Experience in malware analysis
• Certification is not mandatory