L1 SOC Analyst - Splunk, SPL, Crowdstrike

Role Description L1 SOC Analyst - Splunk, SPL, Crowdstrike Location : Hyderabad, Bangalore Experience : 2 to 4 years Duties And Responsibilities Hands-on content (use case) development experience using SIEM query languages (Splunk SPL, Kusto Query). Splunk on prem and cloud experience. Strong understanding of security event logging, parsing, and correlation. Design and customize complex search queries, develop dashboards, data models, reports and optimize their performance Understanding of the MITRE ATT&CK framework Experience working with various technical departments to enhance threat detections of deployed SIEMs. Monitor and analyze security s, incidents, and logs generated from CrowdStrike Falcon EDR platform. Perform triage, investigation, and response to endpoint-related security incidents. Conduct threat hunting and proactive analysis to identify suspicious or malicious activity across endpoints. Strong knowledge of CrowdStrike Falcon (policies, detections, investigations, RTR, dashboards). Experience in endpoint investigation and forensics (Windows, Linux, macOS). Familiarity with MITRE ATT&CK framework and common adversary tactics, techniques, and procedures (TTPs). Desired Technical Skills Bachelor?s degree in computer science, Information Technology, or related field. 3+ years of relevant experience required. Splunk Enterprise Security Certified Admin is preferred, CISSP, CISM, or equivalent cybersecurity certifications are good to have. Experience with SIEM (Splunk), EDR (CrowdStrike), and other cybersecurity tools. Strong understanding of security operations concepts, including threat hunting, incident response, and malware analysis. Familiarity with scripting languages (Splunk SPL, Bash) Excellent analytical skills, with the ability to assess complex security issues and formulate effective solutions.