SOC – Pune – L2, L3

Job Description

Are you a passionately curious individual who possesses a steady and unshakable eye for detail?
Are you not afraid of searching for a needle in the stack of hay?
Do you think you have the skillset, knowledge, to be the first line of defense between cyber adversaries and the organization?
Do you believe in working for a mission to protect your organization 365*24*7?
If you are in love with the tools and technology that help you to solve this daunting challenge, then we are looking for you.

Who we are?

Payatu is a GPTW certified company where we strive to create a culture of excellence, growth and innovation that empowers our employees to reach new heights in their careers.
We are young and passionate folks driven by the power of the latest and innovative technologies in IoT, AI/ML, Blockchain, and many other advanced technologies.
We are on the mission of making Cyberworld safe for every organization, product, and individual.

What we look for outside work parameters?

Your expertise is your primary qualification, not your degree or certification.
Your publicly known contributions are your credentials.
Your write-up and blogs reflect your interests and ethics.
You are a perfect technical fit if:
At least 2 to 5 years of experience handling SIEM tools (Splunk), Incident Response.
Knowledge and Hands-on experience on Security appliances like (IPS, Proxy, EDR, Malware Protection, Anti- SPAM )
Experience in host and network forensics. (good to have)
Experience in Security Orchestration and Automation.
Have good experience in handling IT Security incidents, phishing analysis, analyzing office files, developing and fine tuning use cases.
Should have good knowledge of Threat Intelligence, Malware triaging, programming languages (python, bash).
Experience in analyzing logs and should have hands-on experience in windows and linux.
Should have experience in creating weekly and quarterly SOC reports.
Should have experience on monitoring cloud environment [ AWS Azure ].
Should have experience on Entra ID, Microsoft Defender, Sentinel, KQL.

You Have All Our Desired Qualities, if:

You like automating stuff.
You like writing tools.
You have excellent written and verbal communication skills and the ability to express your thoughts clearly.
You have the skill to articulate and present technical things in business language.
You can work independently as well as within a team.
You have strong problem solving, troubleshooting, and analysis skills.
You are passionate about your area of expertise and self-driven.
You are comfortable working in a dynamic and fast-paced work environment.
You are Self-driven, proactive, hardworking, team-player.
You are working on something on your own in your field apart from official work.

Your everyday work will look like:

Alert handling: Analyse and tune security alerts and interpret security events that may lead to incidents.
Incident Response activities: Identity, investigate and respond to potential security incidents to minimize the operational and organizational impact.
Threat hunting: Actively pursue an abnormal activity on assets that may be signs of compromise.
Threat Intelligence: Leverage various threat intelligence sources and capabilities to enable an intelligence-driven response.
Malware Analysis: Analyse and triage the malware found on the system.
Forensics: Perform forensic analysis on system and network artifacts to identify indicators of compromise.
Identify Gaps: Investigate and document gaps in controls, event data, and work with internal teams to resolve.
Process Improvement: Execute, develop, and document Incident Handling Guides and processes.