Greetings from TCS!
- Role: SOC L2/L3
- Experience: 6 to 15 Years
- Drive Locations: Noida / Mumbai / Pune
- Interview Mode: In-Person
- Drive Date: 20-June-2026
Job Description
- Hands-on experience with SIEM (log ingestion, rule tuning, dashboards, detections) and CrowdStrike EDR.
- Strong understanding of, and hands-on experience with, SOC operations, incident response, and cyber kill chain methodologies.
- Familiarity with other SIEM solutions (Splunk, QRadar, Azure Sentinel, etc.) as an add-on capability.
- Knowledge of MITRE ATT&CK, threat intelligence, and detection engineering principles.
- Proficiency in scripting (Python, PowerShell, or similar) for automation and data enrichment.
- Experience with EDR, NDR, and IAM integrations within the SIEM ecosystem.
- Excellent analytical, communication, and documentation skills.
- Incident Analysis & Response: Ability to analyze security alerts, investigate incidents, perform root cause analysis, and recommend mitigation actions using SIEM tools (e.g., Splunk, QRadar, ArcSight).
- Threat Intelligence Correlation: Good understanding of threat intelligence sources and ability to correlate threat indicators (IOCs, TTPs) to detect potential security threats or advanced attacks.
- Firewall, IDS/IPS, and Endpoint Security Management: Hands-on experience in monitoring, tuning, and analysis of Firewalls, IDS/IPS, and Endpoint Detection & Response (EDR) solutions.
- Log Analysis & Forensics: Proficiency in analyzing logs from servers, network devices, and security appliances to detect anomalous activities and support forensic investigations.
- Ticketing & Escalation Process: Strong understanding of ITSM processes (e.g., using ServiceNow) for incident tracking, documenting findings, escalating complex issues to L3 or relevant teams, and driving incidents to closure.