About Birlasoft:
Birlasoft is a global technology company enabling next-generation digital transformation through expertise in Cloud, AI, Data, and enterprise solutions. Combining industry proficiency with advanced digital capabilities, it helps businesses accelerate change with speed, scale, and purpose, delivering future-ready solutions that enhance agility, resilience, and customer experience. Part of the CKA Birla Group and led by Chairman Mrs. Amita Birla, Birlasoft's nearly 12,000 professionals drive innovation while building a diverse, inclusive, and learning-oriented culture. With a strong focus on sustainability and long-term value creation, Birlasoft transforms enterprises and communities, earning its reputation as a trusted partner and one of the best places to work.
Role: SOC L1 Analyst
Location: Noida
Educational Qualification: University degree in Computer Science/IT
Experience : 1-3 Years
Role & responsibilities:
- Provide technical and functional support to L2/L3 team with analytical feedback.
- Triage, investigate, document, and close security incidents and service requests in the ticketing system within defined SLAs, escalating to L2/L3 when required.
- Understand information security policies and best practices in Birlasoft environments.
- Inform L2/L3 team of proactive and reactive actions to ensure adherence to security policy.
- Review and understand collected metrics from monitoring systems and be aware of patterns and anomalies.
- Support incident response activities by collecting and preserving evidence, performing initial analysis, and escalating per playbooks to eliminate threats and identify root cause.
- Ensure incidents are handled in a manner that is consistent with established playbooks.
- Monitor SIEM and logging for alerts of potential network threats, intrusions, and/or compromises.
- Responsible for understanding the global threat environment and general security best practices.
- Assist with triage of service requests from automated sensors and internal requests for assistance.
- Assist with threat hunting by following runbooks, validating suspicious activity in logs/EDR, and escalating actionable findings to L2/L3.
- Interface with technical personnel from various disciplines to rapidly resolve critical issues.
- Appropriately inform and advise leadership of incidents and propose effective response and/or countermeasures for containment
Experience/ Qualifications:
- 1–3 years experience in Information Security or SOC operations.
- 1–2 years experience working in a SOC environment (monitoring, triage, and escalation).
- Knowledge of industry recognized analysis frameworks (Kill Chain, Diamond Model, MITRE ATT&CK, NIST Incident Response, etc.).
- Knowledge of Cloud Computing Fundamentals, EDR, DLP, Firewall.
- Thorough understanding of fundamental security and network concepts (Operating systems, intrusion/detection, TCP/IP, ports, etc.).
- Strong problem-solving and analytical skills, initiative driven, result oriented and ability to lead a technical team.
- Proven ability to work under stress in emergencies, with the flexibility to handle multiple high-pressure situations simultaneously.
