
SOC Analyst / Cybersecurity Analyst
Location: Bengaluru
Role overview:
We are seeking a highly motivated and detail-oriented SOC Analyst (Level 1 / Level 2) to join our Cyber Security Operations team. The ideal candidate will be responsible for real-time security monitoring, threat detection, incident response, vulnerability management, and compliance support across enterprise and cloud environments. This role demands strong analytical skills, hands-on security operations experience, and the ability to work effectively in 24x7 SOC operations.
How you will create impact:
Key Responsibilities
1. Security Monitoring & Alert Management
Perform 24x7 real-time monitoring of security alerts and events across multiple security platforms.
Handle and triage security incidents & alerts, ensuring timely investigation and resolution.
Continuously monitor applications, servers, endpoints, databases, cloud workloads, and network infrastructure.
Identify, analyze, prioritize, and independently escalate critical security incidents based on severity and impact.
Ensure continuous health monitoring of SIEM, EDR, DLP, Email Security, and Cloud Security platforms.
2. Threat Detection & Incident Response
Investigate suspicious activities, phishing attempts, malware alerts, brute-force attacks, anomalous logins, and lateral movement indicators.
Perform Level 1 and Level 2 incident response, including containment, eradication, recovery, and post-incident analysis.
Execute real-time containment actions such as account isolation, endpoint quarantine, IP blocking, and session termination.
Conduct root cause analysis (RCA) and recommend corrective and preventive actions.
Maintain complete documentation of incidents, evidence, response actions, and resolution.
3. Email Security & Phishing Response
Monitor and respond to email security alerts generated from Enterprise security platforms.
Perform phishing investigation, header analysis, URL detonation, malware sandboxing, and IOC extraction.
Execute remediation steps including mailbox purge, domain blocking, sender blacklisting, and user awareness notifications.
Support phishing simulation exercises and employee awareness programs.
4. Vulnerability & Compliance Management
Manage vulnerability alerts across servers, applications, endpoints, network devices, containers, and cloud workloads.
Coordinate remediation activities with DevOps, application teams, infrastructure teams, and system owners.
Track vulnerability closure through ticketing systems and compliance dashboards.
Support regulatory and compliance initiatives relevant to FinTech environments, including PCI DSS, ISO 27001, SOC 2, GDPR, RBI, and data protection regulations.
Assist in internal audits, external audits, and compliance evidence preparation.
5. System & Network Security Analysis
Analyze Windows and Linux system logs, event logs, syslogs, authentication logs, and audit trails.
Investigate endpoint and server behavioral anomalies.
Troubleshoot network security events related to:
TCP/IP, DNS, HTTP/HTTPS
VPN, routing, switching, proxies, and firewall logs
Perform packet analysis and traffic correlation during investigations.
6. Red Team Awareness & Security Testing (Basic)
Understand attack techniques such as port scanning, enumeration, exploitation attempts, privilege escalation, persistence, and lateral movement.
Assist the blue team in improving detection logic, SIEM correlation rules, and SOC playbooks based on simulated attacks.
Support vulnerability validation and post-remediation verification.
7. Reporting, Documentation & SOC Process Improvement
Provide management dashboards and KPIs on incident trends, alert volumes, SLA compliance, risk exposure, etc.
Support continuous improvement initiatives in SOC processes and workflows.
Essential qualifications:
Bachelor's degree in Computer Science, Information Security, Cybersecurity, or related field.
2-5 years of hands-on experience in SOC operations, incident response, or cybersecurity monitoring.
Strong understanding of cyber attack vectors, the incident lifecycle, and the MITRE ATT&CK framework.
Hands-on experience with SIEM platforms (Wazuh preferred) and EDR/XDR tools.
Practical knowledge of email security and phishing analysis, malware investigation, and log correlation and forensic analysis.
Solid understanding of cloud security (AWS and Microsoft 365).
Working knowledge of network security concepts, firewalls, WAF, and IDS/IPS.
Nice to have:
CompTIA Security+
CEH (Certified Ethical Hacker)
Microsoft Security Certifications (SC-200, SC-300)
AWS Security Specialty
SIEM / EDR vendor certifications
Key Attributes
Strong analytical and troubleshooting mindset
Ability to operate independently under pressure
Excellent verbal and written communication skills
High attention to detail and investigative mindset
Strong sense of ownership and urgency
Willingness to work in 24x7 rotational SOC shifts
Job ID: 144963035