SOC Engineer - L3

8 - 10 years


Posted: 2 months ago | Platform: LinkedIn


Work Mode

On-site

Job Type

Full Time

Job Description


Location: Hyderabad

Mode: Hybrid


Role Summary

  • Act as the senior-level analyst responsible for handling complex security incidents and advanced threats.
  • Lead investigations, triage escalations from L1/L2 analysts, and coordinate response actions.
  • Serve as the technical expert for SOC operations, threat detection, and remediation.


Key Responsibilities

  • Lead investigation and response for high-severity incidents (P1/P2).
  • Perform root cause analysis and advanced threat hunting.
  • Guide L1/L2 analysts on incident investigation procedures.
  • Coordinate with IT, network, application, and security teams for containment and remediation.
  • Develop and maintain incident response playbooks and standard operating procedures (SOPs).
  • Analyze alerts from SIEM, SOAR, EDR, NDR, WAF, and cloud security tools.
  • Identify patterns, anomalies, and emerging threats using threat intelligence.
  • Conduct malware analysis, phishing investigation, and forensic analysis when required.
  • Integrate threat intelligence into SOC workflows and monitoring systems.
  • Tune SIEM, SOAR, and detection rules for accuracy and efficiency.
  • Develop automation scripts and workflows to reduce manual SOC tasks.
  • Mentor and train L1/L2 analysts on advanced detection techniques.
  • Participate in SOC process improvement initiatives.
  • Provide clear and detailed incident reports to SOC Manager and leadership.
  • Communicate threat impact and resolution status to internal stakeholders.
  • Support audit, compliance, and regulatory reporting requirements.
  • Collaborate with Red Team, Vulnerability Management, and CTI teams.
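As an added illustration of the threat-intelligence integration, pattern detection and automation items above, the Python script below shows a small enrichment step of the kind an L3 engineer would automate: it matches alert indicators against a threat-intel list, tags MITRE ATT&CK techniques, raises severity by intel confidence, and flags the same indicator seen on several hosts as a campaign. This is example code written for this page, not code from the posting, ITC Infotech, or any named product; the P4-to-P1 scale, the escalation thresholds, and every indicator, host and alert ID are constructed (TEST-NET addresses and a .example domain).

```python
"""Added illustration (not part of the posting): alert enrichment against a
threat-intel list with ATT&CK tagging, confidence-based escalation, and
cross-host pattern detection. All data below is constructed."""
from typing import Dict, List

# Priority scale, lowest to highest (assumed; P1/P2 are the posting's own
# labels for high-severity incidents).
SEVERITY_ORDER = ["P4", "P3", "P2", "P1"]

# Constructed threat-intel feed: indicator -> confidence (0-100), ATT&CK technique, tag.
THREAT_INTEL = {
    "203.0.113.45": {"confidence": 90, "technique": "T1071.001", "tag": "c2-beacon"},
    "198.51.100.7": {"confidence": 60, "technique": "T1046", "tag": "scanner"},
    "evil-updates.example": {"confidence": 85, "technique": "T1105", "tag": "payload-host"},
}

# Constructed alerts as they might arrive from EDR/SIEM/NDR/WAF after normalisation.
ALERTS = [
    {"id": "A-1001", "source": "EDR", "host": "ws-014", "severity": "P3", "indicators": ["203.0.113.45"]},
    {"id": "A-1002", "source": "SIEM", "host": "ws-022", "severity": "P4", "indicators": ["203.0.113.45"]},
    {"id": "A-1003", "source": "NDR", "host": "srv-db-01", "severity": "P3", "indicators": ["198.51.100.7"]},
    {"id": "A-1004", "source": "WAF", "host": "web-01", "severity": "P2", "indicators": ["192.0.2.10"]},
    {"id": "A-1005", "source": "SIEM", "host": "ws-031", "severity": "P4", "indicators": ["EVIL-UPDATES.example"]},
]


def raise_severity(current: str, steps: int) -> str:
    """Move `steps` up the scale, capped at P1."""
    idx = min(SEVERITY_ORDER.index(current) + steps, len(SEVERITY_ORDER) - 1)
    return SEVERITY_ORDER[idx]


def enrich(alert: dict, intel: Dict[str, dict] = THREAT_INTEL) -> dict:
    """Attach intel hits and ATT&CK techniques; escalate by the best-confidence hit."""
    # Domains are case-insensitive, so normalise before matching.
    indicators = [i.strip().lower() for i in alert["indicators"]]
    hits = {ioc: intel[ioc] for ioc in indicators if ioc in intel}
    out = dict(alert)
    out["ioc_hits"] = sorted(hits)
    out["techniques"] = sorted({h["technique"] for h in hits.values()})
    out["triage_severity"] = alert["severity"]
    out["campaign"] = False
    if hits:
        best = max(h["confidence"] for h in hits.values())
        # High-confidence intel jumps two levels, medium one, low none (assumed thresholds).
        steps = 2 if best >= 80 else 1 if best >= 50 else 0
        out["triage_severity"] = raise_severity(alert["severity"], steps)
    return out


def build_queue(alerts: List[dict], intel: Dict[str, dict] = THREAT_INTEL) -> List[dict]:
    """Enrich every alert, detect one IOC across several hosts, and order the triage queue."""
    enriched = [enrich(a, intel) for a in alerts]
    hosts_per_ioc: Dict[str, set] = {}
    for e in enriched:
        for ioc in e["ioc_hits"]:
            hosts_per_ioc.setdefault(ioc, set()).add(e["host"])
    for e in enriched:
        # The same indicator on more than one host is a pattern worth an incident, not a ticket.
        if any(len(hosts_per_ioc[ioc]) > 1 for ioc in e["ioc_hits"]):
            e["campaign"] = True
            e["triage_severity"] = "P1"
    # Highest severity first, then stable by alert ID so the queue order is reproducible.
    enriched.sort(key=lambda e: (-SEVERITY_ORDER.index(e["triage_severity"]), e["id"]))
    return enriched


if __name__ == "__main__":
    for e in build_queue(ALERTS):
        print(e["triage_severity"], e["id"], e["host"], e["techniques"], "campaign" if e["campaign"] else "")
```

In a real SOC the intel dictionary would be a feed with expiry and source reputation, the alerts would come from the SIEM or SOAR API, and the escalation thresholds would be tuned against the false-positive rate of each feed; the structure of the step stays the same.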


Qualifications & Skills


Education & Certification

  • Bachelor's or Master's degree in Computer Science, Information Security, or a related field.
  • Relevant certifications preferred: CISSP, GCIA, GCIH, CEH, OSCP, or vendor certifications for Splunk, QRadar, or Microsoft Sentinel.


Technical Skills

Advanced knowledge of:

  • SIEM/SOAR platforms (Splunk, QRadar, Microsoft Sentinel, etc.)
  • Endpoint detection and response (CrowdStrike, Trellix, Microsoft Defender, etc.)
  • Network, cloud, and web application security
  • Malware analysis, threat hunting, and forensic investigations

Also required:

  • Experience with scripting and automation (Python, PowerShell, Bash).
  • Familiarity with the MITRE ATT&CK framework and TTP analysis.


Soft Skills:

  • Strong analytical and problem-solving abilities.
  • Ability to work under pressure during critical incidents.
  • Excellent communication and documentation skills.
  • Team mentoring and knowledge-sharing aptitude.


Experience:

  • 8-10 years in cybersecurity operations or SOC environment.
  • At least 2-3 years in advanced incident response or L3 SOC roles.
  • Experience in enterprise SOC or MSSP SOC preferred.

ITC Infotech

Information Technology and Services

Bengaluru