JOB TITLE: L2 Security Operations Center (SOC) Analyst
JOB PURPOSE:
To act as a senior-level analyst in the 24x7 Security Operations Center (SOC), responsible for advanced security event triage, log analysis, threat investigation and response coordination using modern security platforms such as SIEM, SOAR, EDR and Threat Intelligence systems. The L2 SOC Engineer will also contribute to dashboard optimization, incident documentation and playbook updates, and assist in the administration of key tools such as Splunk and CrowdStrike.
QUALIFICATION:
Graduation
CERTIFICATIONS:
- CompTIA CySA+ / Security+ / CEH
- Splunk Core Certified User / Power User
- Microsoft AZ-500 / SC-200
- CrowdStrike Certified Falcon Responder (CFR)
Any of the above.
Location: Navi Mumbai
RESPONSIBILITIES (INCLUDES ALL TASKS):
Security Monitoring & Incident Handling
- Triage and investigate escalated alerts from SIEM, XDR (CrowdStrike), EDR, email and network security tools.
- Perform log correlation and in-depth investigations using Splunk/Elastic dashboards and queries.
- Handle incidents across endpoint, cloud (Azure/OCI/GCP), email, DLP and network layers.
- Respond to phishing, malware, unauthorized access and insider threat alerts.
- Support forensic triage using EDR tools and sandbox results (e.g. Falcon Sandbox).
SOC Engineering & SIEM Operations
- Create, fine-tune and optimize detection rules and dashboards in Splunk.
- Maintain and troubleshoot Splunk forwarders, heavy forwarders and dashboards under guidance.
- Participate in log onboarding and validation for new sources (e.g. CSPM, EDR, DLP and cloud tools).
- Support automation workflows and enrichment via playbooks.
Tool Proficiency & Admin Support
- Hands-on knowledge of:
  - SIEM: Splunk, Elastic (optional)
  - EDR/XDR: CrowdStrike
  - Email Security: Mimecast
  - DLP: Forcepoint (Web/Email), Netskope (CASB/ZTNA)
  - Vulnerability Management: Nessus, Qualys
  - Threat Intel Tools: IOC lookups, sandboxing tools, OSINT
Documentation & Compliance
- Maintain updated incident records, timelines and evidence in ITSM or ticketing platforms.
- Contribute to SOP/playbook updates, audit reports and RCA documentation.
- Participate in compliance checks for ISO 27001 and internal audits.
Continuous Improvement
- Suggest detection logic improvements based on new threats or recurring false positives.
- Engage in purple teaming and threat hunting exercises as needed.
TECHNICAL SKILLS / COMPETENCIES:
MANDATORY
- 3-6 years of relevant experience in a SOC environment.
- Strong hands-on knowledge of SIEM (Splunk) and EDR (CrowdStrike).
- Experience in log analysis, threat detection and incident handling.
- Good understanding of TCP/IP, DNS, HTTP, VPN, authentication and cloud security basics.
- Familiarity with ISO 27001 or the NIST 800-61 IR process is a plus.
- Certifications such as CompTIA CySA+, CEH, Splunk Core/User or AZ-500 preferred.
OPTIONAL
SOFT SKILLS:
MANDATORY
- Bachelor's degree in Computer Science, Information Technology or a related field.
- At least 6 years of experience in support operations.
- Strong analytical mindset and attention to detail.
- Ability to prioritize under pressure and respond within SLA timelines.
- Proactive, accountable and a team player.
- Willingness to work in shifts (24x7 SOC coverage) if required.
Required Experience:
Manager