Security Operations Center Analyst L2 || Only Immediate Joiner || Mumbai

Job Title: Senior SOC Analyst (L2)

Location: Mumbai, India

Experience Required: 4+ Years

Employment Type: Full-Time

Job Summary:

NTT DATA is seeking an experienced Senior SOC Analyst to join our Security Operations Center (SOC) in Mumbai. The candidate will play a key role in detecting, analyzing, responding to, and preventing cybersecurity incidents across enterprise environments. The ideal professional will have strong technical, analytical, and communication skills with a deep understanding of threat landscapes, SIEM technologies, and incident response processes.

Key Responsibilities:

• Perform real-time security monitoring, analysis, and incident response for enterprise systems, networks, and applications.
• Investigate security alerts and correlate events using SIEM tools (e.g., Splunk, QRadar, ArcSight, Azure Sentinel).
• Conduct threat hunting, log analysis, and root cause investigations for potential or actual incidents.
• Manage the incident response lifecycle triage, containment, eradication, recovery, and post-incident review.
• Escalate incidents to higher levels (L3 or CSIRT) as per defined playbooks.
• Develop and tune correlation rules, dashboards, and detection use cases .
• Collaborate with IT, network, and application teams to mitigate vulnerabilities.
• Generate incident reports , maintain SOC documentation, and contribute to process improvements.
• Participate in security assessments, vulnerability management, and threat intelligence integration .
• Mentor junior analysts (L1/L2) and help strengthen SOC operational maturity.

Required Skills and Qualifications:

• Bachelors degree in Computer Science, Information Security, or related discipline.
• 4+ years of total IT/security experience, with minimum 4+ years in SOC operations .
• Proficient in SIEM platforms such as Splunk, IBM QRadar, ArcSight, or Azure Sentinel.
• Strong understanding of network protocols, firewalls, proxies, endpoint security, and malware analysis.
• Expertise in incident response, log analysis, and threat intelligence correlation.
• Familiarity with MITRE ATT&CK framework, NIST, and ISO 27001 standards.
• Experience with EDR tools (CrowdStrike, Carbon Black, SentinelOne, etc.).
• Knowledge of Windows, Linux, and cloud security (AWS, Azure) environments.
• Excellent analytical thinking, documentation, and communication skills.

Preferred / Good to Have:

• Certifications: CEH, CHFI, CompTIA Security+, GCIA, GCIH, or Splunk Certified Analyst.
• Experience in security automation (SOAR) and playbook development .
• Exposure to threat hunting, forensic analysis, and purple team activities.