Role Overview
We are looking for a proactive SOC Analyst to monitor, detect, and respond to security threats across the enterprise. The role requires hands-on experience with Microsoft Sentinel and CrowdStrike, along with strong fundamentals in security monitoring and incident response.
Key Responsibilities
- Monitor and analyze security alerts using Microsoft Sentinel (SIEM)
- Perform triage, investigation, and classification of security incidents
- Investigate threats such as phishing, malware, brute force, and unauthorized access
- Monitor endpoints using CrowdStrike EDR / Microsoft Defender
- Analyze logs from cloud platforms, firewalls, WAF, servers, and applications
- Escalate critical incidents to L2/L3 teams as per SOPs
- Document incidents, findings, and actions in ticketing systems
- Follow playbooks and incident response procedures
- Maintain shift handovers and ensure operational continuity
Core Skills (Must Have)
- 2+ years of SOC experience in security monitoring and incident response
- Hands-on experience with Microsoft Sentinel (SIEM)
- Hands-on experience with CrowdStrike EDR (or equivalent)
- Strong understanding of security tools (SIEM, EDR, Firewalls)
- Good knowledge of networking fundamentals (TCP/IP, DNS, HTTP)
- Understanding of Windows and Linux systems
Additional Skills (Good To Have)
- Experience with KQL (for Microsoft Sentinel)
- Basic scripting (PowerShell, Python) for automation
- Familiarity with MITRE ATT&CK framework
- Understanding of cloud security (Azure, AWS)
Key Competencies
- Strong analytical and problem-solving skills
- Attention to detail and ability to work in a 24x7 environment
- Effective communication and documentation skills
Education & Certifications
- Bachelor's degree in Computer Science / IT or related field
- Certifications (preferred): CEH, CompTIA Security+, Certified SOC Analyst (CSA), Microsoft SC-200
