Senior Security Operations Center Analyst || Only Immediate Joiner
Mumbai, Maharashtra, India
3 weeks ago
6 days left to apply
Job Description
Job Description: SOC Analyst (L2/L3) - 7+ Years Experience

Location: Mumbai
Experience: 7+ Years
Mode: Full Time
Note: Only Immediate Joiner

Role Overview
We are seeking an experienced SOC Analyst (L2/L3) to support advanced security monitoring, threat detection, investigation, and incident response within a 24/7 Security Operations Center. The ideal candidate will have deep technical expertise in SIEM, threat hunting, SOC processes, and security incident lifecycle management.

Key Responsibilities

Security Monitoring & Analysis
- Perform continuous security monitoring using SIEM tools (Splunk/QRadar/ArcSight/LogRhythm).
- Analyze alerts, logs, network traffic, and endpoint telemetry.
- Identify false positives and fine-tune detection rules/correlation alerts.
- Utilize threat intelligence feeds to enrich events and improve detection.

Incident Detection & Response
- Lead and drive end-to-end Incident Response (IR) activities.
- Perform deep-dive investigations of security incidents, malware, network attacks, and suspicious activities.
- Execute containment, eradication, and recovery procedures.
- Document incidents and generate detailed incident reports & RCA.

Threat Hunting
- Conduct proactive threat hunting using SIEM, EDR, Threat Intel, and behavioral analytics.
- Detect anomalies, unknown threats, and lateral movement patterns.
- Build new detection rules and playbooks from hunt outcomes.

Endpoint & Network Security
- Analyze endpoint alerts using EDR tools (CrowdStrike, Carbon Black, SentinelOne, Defender for Endpoint).
- Investigate network-based attacks: DDoS, brute-force, privilege escalation, insider threats, malware, ransomware.

Vulnerability & Risk Management
- Coordinate with security teams for vulnerability prioritization and remediation.
- Support risk assessments and recommend mitigation strategies.

Automation & Playbooks
- Improve SOC efficiency using SOAR tools (Cortex XSOAR, Splunk SOAR, IBM Resilient).
- Create and update incident response runbooks and automated workflows.

Collaboration & Reporting
- Work closely with IT, Cloud, Infra, and App teams for resolution.
- Prepare weekly/monthly security reports, dashboards, and executive summaries.
- Provide knowledge transfer and mentor junior analysts.

Required Skills & Qualifications
- 7+ years experience in SOC operations (L2/L3 role preferred).
- Hands-on experience with SIEM (Splunk/QRadar/ArcSight/ELK).
- Strong expertise in EDR, SOAR, and Threat Intelligence.
- Deep understanding of MITRE ATT&CK, NIST, ISO 27001, and security frameworks.
- Advanced knowledge of TCP/IP, firewalls, IDS/IPS, proxies, DNS, VPN, and network security concepts.
- Experience in Incident Response, Malware Analysis, Threat Hunting, Log Analysis.
- Ability to write detection rules, correlation searches, and signatures.
- Strong analytical, documentation, and communication skills.

Preferred Certifications
- CEH / CHFI
- CompTIA Security+ / CySA+
- Splunk Power User / Admin
- GCIA / GCIH / GMON
- Azure/AWS Security

Shift
Should be flexible for 24/7 rotational shifts.
Additional Information
- Company Name: Innova ESI
- Industry: N/A
- Department: N/A
- Role Category: N/A
- Job Role: Mid-Senior level
- Education: No Restriction
- Job Types: On-site
- Gender: No Restriction
- Notice Period: Less Than 30 Days
- Year of Experience: 1 - Any Yrs
- Job Posted On: 3 weeks ago
- Application Ends: 6 days left to apply