
Owlsure, a business unit of ValueMomentum is hiring for
Job Title - SOC Analyst
Primary Skills - MSSP or enterprise environment, SIEM, SOAR, EDR.
Location - Hyderabad
Mode of Work - Work from Office
Experience - 13 Years.
Role Overview
A Tier-1 SOC Analyst working in a 24x7 environment, responsible for 24x7x365 monitoring, triage, and initial response to security events. Analysts work in rotation to ensure continuous coverage, supporting incident management, escalation, and reporting in a multi-client MSSP environment.
Key Responsibilities:
Continuous Monitoring: Real-time monitoring of security events across SIEM, SOAR, EDR, IDS/IPS, firewalls, and cloud platforms.
Alert Triage: Validate, investigate, and classify alerts; identify false positives and escalate genuine incidents per playbooks.
Initial Response: Execute containment actions (e.g., account lockout, IP blocking) as authorized by playbooks.
Incident Documentation: Record all incidents and actions in the case management system, ensuring accuracy and auditability.
Log Analysis: Perform basic log and event correlation to identify suspicious activity and trends.
Communication: Timely reporting of incidents and escalations to internal stakeholders, adhering to defined notification timelines.
Adherence to SLAs: Meet response, escalation, and resolution timelines as per Service Level Agreements.
Reporting: Prepare daily summary reports and contribute to monthly KPI reviews (MTTD, MTTR, incident trends).
Shift Handover: Ensure clear and complete handover at shift changes, updating case boards and SOAR queues.
Required Skills & Experience:
Experience: 12 years in Tier-1 SOC operations, preferably in an MSSP or enterprise environment.
Certifications: CompTIA Security+, (ISC)² SSCP, or equivalent (or commitment to obtain within 90 days).
Technical Proficiency: Hands-on with SIEM (Splunk, QRadar, Sentinel, etc.), SOAR (IBM Resilient, Google SecOps), EDR (CrowdStrike, Defender), IDS/IPS, firewalls, and email security (Proofpoint, O365).
Google SecOps: Working experience with the Google SecOps tool is a must.
Case Management: Experience with ServiceNow, Jira, or similar platforms.
Playbook Execution: Familiarity with incident response playbooks and escalation procedures.
English Fluency: Strong verbal and written communication skills.
Shift Flexibility: Willingness to work overnight and weekend shifts, including holidays, with no gaps in coverage.
Compliance & Security Standards
Data Privacy: Adhere to GDPR, CCPA, and client-specific data protection agreements.
Security Frameworks: Operate in alignment with NIST CSF and ISO 27001 standards.
Access Control: Use secure access methods and follow least privilege principles.
Confidentiality: Sign and comply with NDAs and internal confidentiality agreements.
Tools & Technology
SIEM/SOAR: Proficient in event correlation, automation, and orchestration.
EDR: Monitor and respond to endpoint threats.
Incident Management: Track incidents through resolution using client platforms.
Reporting: Maintain daily and monthly metrics; ensure audit trail for all actions.
Other Requirements:
Scalability: Ability to handle surge volumes and participate in disaster recovery/business continuity plans.
Teamwork: Collaborate effectively with Tier-2/3 analysts and other stakeholders.
Continuous Improvement: Participate in onboarding, training, and ongoing skill development.
Work Environment: Work in a 24x7 environment.
Client Exposure: Experience working directly with USA clients is a must.
Benefits
Allowances: Transportation, food, and night-shift allowance provided.
Training: Structured onboarding and ongoing training.
Growth: Opportunity to work with advanced SOC technologies and diverse client environments.
Job ID: 138141977