We are looking for a hybrid expert in cybersecurity operations and AI engineering to lead the development, customization, and operationalization of AI-powered SOC automation systems.
This role will bridge the gap between frontline SOC operations and backend AI/ML capabilities, driving intelligent alert triage, threat detection, and incident response automation through tools like Intezer, Cortex XSOAR, and custom AI pipelines.
You will play a key role in both defending the organization and building the intelligent systems that scale our defenses.
SOC & Threat Detection (Analyst Responsibilities):
Monitor and triage security alerts using AI-assisted tooling.
Analyze, investigate, and escalate incidents using threat intel and log data.
Provide threat context, root cause analysis, and response recommendations.
Fine-tune detection rules, behavioral baselines, and IOC correlations.
Serve as SME for SOC use cases and automation requirements.
AI Engineering & Automation:
Design and maintain ML models for anomaly detection, classification, and triage.
Build automation workflows using SOAR platforms (e.g. Cortex XSOAR).
Integrate AI models with SIEM, EDR, TIP, and other SOC data sources.
Develop feedback loops based on SOC analyst input and incident data.
Reduce false positives/negatives through intelligent alert enrichment.
Collaboration & Strategy:
Collaborate with threat intel IR
Drive innovation in SOC tooling through automation and AI.
Maintain documentation, model explainability, and audit readiness.
Stay ahead of adversarial threats and AI misuse in cyber contexts.
Qualifications:
Must-Have:
3 years in a SOC Analyst, Incident Responder, or Threat Hunter role.
2 years developing or applying AI/ML in a cybersecurity or security automation context.
Proficient in Python and ML libraries (Scikit-learn, PyTorch, TensorFlow).
Experience with SIEMs (Splunk, Sentinel, QRadar), SOARs (XSOAR, TheHive), and EDRs (CrowdStrike, Defender).
Strong grasp of MITRE ATT&CK, threat detection, and common attack vectors.
Familiarity with APIs, REST, JSON, and integration of multiple security platforms.
Nice-to-Have:
Experience with malware classification, threat intel enrichment, or sandbox analysis (e.g. Intezer, VirusTotal).
Knowledge of adversarial ML, model hardening, or explainable AI in SOC.
Experience with cloud-native security monitoring (AWS/GCP/Azure).
Familiarity with MLOps, data pipelines, or model deployment in production.
Additional Information:
At Freshworks we are creating a global workplace that enables everyone to find their true potential, purpose, and passion irrespective of their background, gender, race, sexual orientation, religion, and ethnicity. We are committed to providing equal opportunity for all and believe that diversity in the workplace creates a more vibrant, richer work environment that advances the goals of our employees, communities, and the business.
Remote Work:
No
Employment Type:
Full-time