Position: SOC Analyst - L3
Experience: 8+ Years
Location: Mumbai
Notice Period: Immediate (first preference) or max 45 days
Key Responsibilities:
Device Integration
- Integrate devices with SIEM, configure rules.
Incident Investigation & Response
- Handle high-severity incidents (P2/P1) escalated by L2.
- Perform forensic analysis on endpoints, servers, and network devices.
- Correlate alerts across SIEM, EDR, NDR, and firewalls to identify attack chains.
- Lead RCA, containment, and recovery.
- Report incident status to SOC Manager/CISO.
SIEM Tuning & Use-Case Enhancement
- Fine-tune detection rules for better accuracy.
- Create/modify SIEM rules, queries, dashboards, and reports.
- Validate log sources and develop advanced detection use cases.
Threat Hunting
- Conduct proactive hunts using threat intelligence and IOC feeds.
- Document findings and recommendations.
Threat Intelligence Correlation
- Map threats to MITRE ATT&CK techniques.
Incident Coordination & Escalation
- Lead technical response, coordinate with IT, network, and app teams.
- Escalate critical incidents to SOC Manager/CISO.
Tool & Technology Optimization
- Monitor SIEM, SOAR, EDR/XDR, NDR, and Threat Intel platform performance.
- Address log source onboarding/agent failures.
Reporting & Documentation
- Update incident tickets and SOC tracker.
- Contribute to weekly performance reports.
Mentoring & Support
- Guide L2 analysts and approve incident closure summaries.
SOAR Automation
- Test and improve SOC tools/automation.
- Review playbooks, SOPs, and response templates.
Interested candidates can share their CV with [Confidential Information]