Job Title: Senior SOC Analyst - Security Operations
About the Role
We are looking for a SOC Analyst to join our Security Operations team and help strengthen the organization’s detection, monitoring, and incident response capabilities across cloud, endpoint, and SaaS environments.
In this role, you will be responsible for monitoring security events, investigating threats, responding to incidents, and improving detection engineering practices across multiple security platforms. You will work closely with Infrastructure, DevOps, IT, and Compliance teams to ensure timely identification, containment, and remediation of security risks.
What You’ll Do
Security Monitoring & Incident Response
Monitor and investigate alerts across SIEM, EDR, email security, and threat intelligence platforms
Triage alerts from multiple sources including cloud logs, identity providers, endpoint telemetry, source code repositories, and web application firewalls
Investigate incidents related to phishing, malware, suspicious logins, credential compromise, data exfiltration, and exposed resources
Escalate confirmed incidents and coordinate remediation with internal teams
Document investigations, incident timelines, and remediation activities
Detection Engineering & SIEM Operations
Fine-tune SIEM alert rules to reduce false positives and improve detection quality
Build and maintain dashboards for centralized monitoring and proactive threat detection
Enrich log data with contextual information to improve investigation speed and correlation
Optimize log queries and search capabilities for SOC operations and reporting
Create and maintain incident response playbooks and SOC runbooks
Threat Intelligence & Brand Protection
Monitor threat intelligence platforms for external threats including leaked credentials, exposed repositories, malware logs, and API-related threats
Manage brand monitoring initiatives for phishing domains, impersonation attempts, and fraudulent applications
Coordinate takedown efforts with internal and external stakeholders
Improve threat intelligence alerting and detection coverage
Endpoint & SaaS Security Monitoring
Monitor endpoint detection and response platforms for suspicious behavior and endpoint threats
Analyze email security and WAF alerts for malicious activity and repeated attack patterns
Identify shadow IT usage and recommend controls to prevent data leakage and unauthorized access
What We’re Looking For
Security Operations Experience
2 to 4 years of experience in SOC operations, security monitoring, or incident response roles
Experience investigating security alerts across cloud, endpoint, email, and network environments
Good understanding of common cyber threats including phishing, malware, credential compromise, lateral movement, and data exfiltration
SIEM & Detection Engineering
Hands-on experience with at least one SIEM platform such as Splunk, Microsoft Sentinel, Coralogix, QRadar, or equivalent
Experience building or tuning detection rules, dashboards, and SOC workflows
Familiarity with log analysis and threat correlation techniques
Endpoint & Cloud Security
Experience with EDR platforms such as SentinelOne, CrowdStrike, or Microsoft Defender for Endpoint
Understanding of cloud security concepts across AWS, Azure, or GCP environments
Familiarity with services such as GuardDuty, CloudTrail, and VPC Flow Logs
Technical & Analytical Skills
Basic scripting or query language knowledge for log analysis and automation
Familiarity with ticketing and incident management workflows using Jira, ServiceNow, or similar platforms
Strong analytical, troubleshooting, and investigative skills
Documentation & Communication
Ability to create clear incident reports, SOC playbooks, and operational documentation
Strong communication and collaboration skills
Ability to work effectively in fast-paced operational environments
Nice to Have
Familiarity with the MITRE ATT&CK framework for threat classification and detection mapping
Experience with KQL, SPL, Lucene, or similar query languages
Exposure to DLP solutions such as Netskope or Zscaler
Understanding of email security standards including SPF, DKIM, and DMARC
Experience with network monitoring tools such as Zeek or Suricata IDS
Exposure to digital risk protection or brand monitoring tools
Relevant certifications such as CompTIA Security+, CEH, SC-200, BTL1, or equivalent
Tools & Technologies
SIEM: Splunk, Microsoft Sentinel, Coralogix, QRadar
EDR: SentinelOne, CrowdStrike, Microsoft Defender
Cloud Security: AWS GuardDuty, CloudTrail, Azure Security Tools, GCP Security
Threat Intelligence & Monitoring: Threat intelligence platforms, WAF, email security tools
Query Languages: KQL, SPL, Lucene
Ticketing & Workflow Tools: Jira, ServiceNow
Why You’ll Love Working With Us
Opportunity to work on large-scale cloud and security operations environments
Exposure to advanced threat detection and incident response workflows
Collaborative security-focused engineering culture
High-impact role in strengthening organizational security posture
Learning opportunities across cloud, endpoint, and SaaS security domains
Fast-paced environment with strong ownership and growth opportunities
Role Details
Position: SOC Analyst – Security Operations
Employment Type: Full-Time
Experience Level: Mid-Level
Location: Bengaluru, Karnataka (On-site)
Disclaimer: This job description is intended to outline the general nature and key responsibilities of the position. It is not intended to be an exhaustive list of all duties, responsibilities, or qualifications associated with the role. The responsibilities and qualifications described may be subject to change, and other duties may be assigned as needed. Employment is at-will, meaning the employee or the employer may terminate the employment relationship at any time, with or without cause, and with or without notice.
Data Utilization Disclaimer: By applying for this position, you acknowledge and agree that any personal data you provide may be used for recruitment and employment purposes. The data collected will be stored and processed in accordance with our privacy policy and applicable data protection laws. Your information will only be shared with relevant internal stakeholders and will not be disclosed to third parties without your consent, unless required by law.