Security Operations Center Analyst (Qradar) L3 || 7 Year+ || Mumbai || Only Immediate Joiner

Innova ESI

0 - 3 years

Mumbai

Posted: 31/01/2026

Job Description

SOC Analyst L3

Location: Mumbai

Experience: 7+ Years

Role: Security Operations Center (SOC) Analyst L3


Job Summary

The SOC Analyst L3 will act as a senior escalation point within the Security Operations Center, responsible for advanced threat analysis, incident response, security monitoring, and guiding L1/L2 teams. The role requires deep expertise in SIEM platforms, threat hunting, malware analysis, and security incident lifecycle management.

Key Responsibilities

  • Lead security incident investigations and coordinate end-to-end incident response activities.
  • Perform advanced threat hunting to identify hidden, sophisticated attacks.
  • Analyze and respond to critical security alerts escalated by L1/L2 analysts.
  • Conduct in-depth malware analysis, log analysis, and forensic investigations.
  • Develop detection rules, correlation logic, and use cases in SIEM tools (e.g., Splunk, QRadar, ArcSight).
  • Provide guidance, mentoring, and technical leadership to L1/L2 SOC staff.
  • Review and improve SOC processes, runbooks, and incident workflows.
  • Validate, tune, and optimize SIEM alerts to reduce false positives.
  • Create incident reports, RCA documentation, and executive summaries.
  • Integrate new threat intel feeds and apply intelligence to active investigations.
  • Support auditing, compliance, and vulnerability remediation actions.
  • Collaborate with security engineering, network teams, and IT teams during investigations.

Required Technical Skills

  • Expertise in SIEM technologies: Splunk / QRadar / ArcSight / Sentinel.
  • Strong knowledge of SOC operations, IR lifecycle, and the MITRE ATT&CK framework.
  • Advanced skills in log analysis, packet analysis, network security, and Linux/Windows internals.
  • Experience with firewalls, IDS/IPS, and EDR tools (CrowdStrike, Carbon Black, SentinelOne).
  • Hands-on experience with threat hunting, forensics, and malware analysis.
  • Good understanding of cloud security (AWS/Azure) monitoring and logs.
  • Expertise in threat intelligence platforms, IOC/IOA enrichment, and use-case creation.
  • Scripting ability (Python, PowerShell, Bash) for automation is an added advantage.

Soft Skills

  • Strong analytical and problem-solving ability.
  • Excellent communication and documentation skills.
  • Ability to handle high-severity incidents under pressure.
  • Leadership and mentoring capabilities.

Education & Certifications (Preferred)

  • Bachelor's degree in IT/CS or a related field.
  • Certifications such as CEH, ECSA, GCIH, GCIA, SIEM-specific certifications, CompTIA Security+, CySA+, or equivalent.
