SOC Engineer

About Company,

Droisys is an innovation technology company focused on helping companies accelerate their digital initiatives from strategy and planning through execution. We leverage deep technical expertise, Agile methodologies, and data-driven intelligence to modernize systems of engagement and simplify human/tech interaction.

Amazing things happen when we work in environments where everyone feels a true sense of belonging and when candidates have the requisite skills and opportunities to succeed. At Droisys, we invest in our talent and support career growth, and we are always on the lookout for amazing talent who can contribute to our growth by delivering top results for our clients. Join us to challenge yourself and accomplish work that matters.

We're hiring SOC Engineer, have multiple locations

Location: Bangalore, Pune, Chennai, Hyderabad & Mysore

Role Ove rview

We are seeking an AI‑first Senior SOC Engineer who operates at the intersection of security engineering, data analysis, and applied machine learning. In this role, you will design, build, and continuously improve detection, analytics, and automated response capabilities across application, network, and identity do

mains.This position moves far beyond traditional alert triage. You will leverage large‑scale log analysis, behavioral modeling, and AI‑assisted workflows to reduce dwell time, improve signal fidelity, and automate response actions across the SOC.

Key ResponsibilitiesDetection Engineering & An

Design and implement advanced detection logic across:

• Application logs (APIs, auth flows, business logic abuse)
• Network telemetry (NetFlow, DNS, proxy, firewall logs)
• Identity and user behavior (SSO, IAM, endpoint activity)

Develop high‑fidelity detection rules using SIEM, XDR, and modern data platforms.

Apply statistical methods, anomaly detection, and ML techniques to identify novel threats.

• Continuously tune detections to reduce false positives and improve precision/recall.

AI‑Driven SOC Transformation

Integrate AI/LLM‑based tooling into SOC workflows (triage, enrichment, investigation).

Build and operationalize pipelines for log normalization, feature extraction, and model inference.

Develop use cases for AI‑assisted threat hunting, incident summarization, and root‑cause analysis.

Evaluate and deploy AI security tools with a focus on explainability and auditability.

Required Qualifications

• 7+ years in Security Operations, Detection Engineering, or Threat Hunting.
• Strong expertise in SIEM platforms (Splunk, Sentinel, Elastic) and query languages.
• Deep understanding of:
• Network protocols and traffic analysis
• Application architectures (microservices, APIs, auth flows)
• Identity systems (SSO, OAuth, IAM)
• Proven experience analyzing large‑scale log datasets and building detection logic.
• Hands‑on programming/scripting (Python preferred; data processing libraries a plus).
• Experience with SOAR tools and security automation frameworks.
• Strong incident response and investigation skills across multiple telemetry sources.

Droisys is an equal opportunity employer. We do not discriminate based on race, religion, color, national origin, gender, gender expression, sexual orientation, age, marital status, veteran status, disability status or any other characteristic protected by law. Droisys believes in diversity, inclusion, and belonging, and we are committed to fostering a diverse work environment.