L3 SOC Analyst

Job Description

Position Details –

L3 SOC Analyst Continuing its strategic expansion, enhancing the capabilities of the Security Operations Center and seeks experienced, dynamic professionals for the L3 SOC Analyst role. This position plays a pivotal role in the incident response team, requiring a strong background in cybersecurity, client interaction, and a proactive approach. The L3 SOC Analyst operates advanced security monitoring solutions, ensuring swift responses to identified security events. The role entails working in a shift schedule to provide 24/7 coverage, following an initial ramp-up period.

Location – Hyderabad

Desired Qualification – B.Sc CSC / B.Tech or BE Computers / MCA. Certifications from CISSP, CEH, GCIH, OSCP, OSCE is a plus.

Experience – 8 – 10 years

Employment Type – Full Time Job

Responsibilities

Act as an escalation point for high and critical severity security incidents and conduct thorough investigations to determine potential impact and understand the extent of compromise.
Verify and authenticate events, alerts, and incidents reported by L2 analysts.
Analyze attack patterns, Tools, Techniques and Procedures (TTPs) to identify methods of attacks and attack life cycle.
Defining, planning, implementing, maintaining, and upgrading security measures, policies, and controls.
Carry out in-depth investigation and correlation and work with the stakeholders towards mitigation and closure of critical, high severity and other complex incidents.
Developing and implementing novel threat detection content, rules, and use cases for deployment in the SIEM platform involves working with diverse data sets, including Proxy, VPN, Firewall, DLP, etc.
This includes the creation of sophisticated and advanced rules while ensuring precise fine-tuning for optimal performance.

Conduct analysis to gather evidence, validate root cause and analyze the extent of compromise leveraging Client’s security toolset.
Collaborate with cross-functional teams, to ensure end to end management of security incident lifecycle.
Conduct thorough investigations to identify true positives from false positives, prioritize incidents, and recommend appropriate actions.
Respond to incident escalations and provide solid recommendations.
Identify and leverage emerging threat intelligence (IOCs, updated rules, etc.) to identify affected systems and the scope of the attack.
Ensure process compliance through regular reviews and updates of existing SOPs, processes, standards, guidelines, and checklists on a periodic basis (quarterly/half-yearly). Additionally, assist in the development and improvement of Security Operations processes, involving the creation or modification of SOPs, Playbooks, and Work instructions.
Perform Advanced diligent Threat correlation between multiple security event sources such as firewall logs, threat intelligence feeds, AV, IDS, IPS, and MDR solutions
Train L1/L2 via planned knowledge transfer & internal training sessions.