Security Operations Center Analyst

Position : SOC Analyst - L3

Experience : 8+ Years

Location : Mumbai

Notice Period : Immediate ( First preference) Or Max - 45 Days

Key Responsibility :

Device Integration

• Integrate devices with SIEM, configure rules.

Incident Investigation & Response

• Handle high-severity incidents (P2/P1) escalated by L2.
• Perform forensic analysis on endpoints, servers, and network devices.
• Correlate alerts across SIEM, EDR, NDR, and firewalls to identify attack chains.
• Lead RCA, containment, and recovery.
• Report incident status to SOC Manager/CISO.

SIEM Tuning & Use-Case Enhancement

• Fine-tune detection rules for better accuracy.
• Create/modify SIEM rules, queries, dashboards, and reports.
• Validate log sources and develop advanced detection use cases.

Threat Hunting

• Conduct proactive hunts using threat intelligence and IOC feeds.
• Document findings and recommendations.

Threat Intelligence Correlation

• Map threats to MITRE ATT&CK techniques.

Incident Coordination & Escalation

• Lead technical response, coordinate with IT, network, and app teams.
• Escalate critical incidents to SOC Manager/CISO.

Tool & Technology Optimization

• Monitor SIEM, SOAR, EDR/XDR, NDR, and Threat Intel platform performance.
• Address log source onboarding/agent failures.

Reporting & Documentation

• Update incident tickets and SOC tracker.
• Contribute to weekly performance reports.

Mentoring & Support

• Guide L2 analysts and approve incident closure summaries.

SOAR Automation

• Test and improve SOC tools/automation.
• Review playbooks, SOPs, and response templates.

Interested Candidate can Share their CV TO