IMEA (India, Middle East, Africa)
India
LIXIL INDIA PVT LTD
Employee Assignment
Not remote
Full Time
2 June 2025
This is a 6-day, shift-based role providing 24x7 global infrastructure support.
This is a work from office role.
Key Responsibilities
- Proactively monitor 24x7 security alerts (SIEM) and infrastructure alarms to ensure system integrity and availability.
- Analyze logs and perform initial triage of security incidents and IT faults to distinguish between false positives and critical threats.
- Investigate suspicious indicators (IPs, Hashes, URLs) using threat intelligence sources like VirusTotal to prioritize incidents based on severity.
- Execute L1 security playbooks and IT SOPs/KEDB to resolve routine incidents and service requests within defined SLAs.
- Document investigation findings accurately in ticketing systems and escalate complex security or infrastructure issues to Tier 2/3 teams.
- Assist in maintaining monitoring dashboards and generate regular KPI reports on security alert trends and system health.
What We Are Looking For
- Minimum 2-5 years of combined experience in SOC operations and Infrastructure support, with specific L2-level expertise.
- Strong command of networking (OSI, TCP/IP, DNS) and cybersecurity principles (CIA Triad, Cyber Kill Chain, MITRE ATT&CK) to effectively analyze attack vectors.
- Hands-on experience with SIEM tools (Splunk, Sentinel, QRadar) and EDR solutions (CrowdStrike, Defender) for log analysis, alert monitoring, and incident triage.
- Proficiency in Windows and Linux command-line navigation with the ability to deeply analyze system logs (Event Viewer, Syslog) for anomalies and suspicious activities.
- Experience working in a 24x7 rotational shift environment with a strong track record of adhering to SLAs and documenting incidents via tools like ServiceNow or Jira.
- Excellent problem-solving skills to troubleshoot complex issues across the stack, from network packets to VM performance and security alerts.
Good To Have
- Valid security credentials (CompTIA Security+, CySA+, BTL1, CEH, CompTIA Network+) are highly preferred.
- Proficiency in scripting languages (Python, PowerShell, PowerCLI, Bash) and automation tools (Ansible, Terraform) to streamline incident response and infrastructure management tasks.
- Exposure to Cloud Security monitoring (AWS, Azure, GCP) and experience utilizing Threat Intelligence platforms and OSINT for deeper analysis.
- Foundation-level knowledge of virtualization, server, network and cloud technologies.
Qualifications
- Bachelor's degree in Information Technology, Computer Science, Cybersecurity, or a related field.