H

ENGINEER - Azure Sentinel SIEM

Happiest Minds Technologies · Bengaluru, Karnataka, India

~₹12L (est.)3–10 yrs experiencefull_timePosted 3w ago
Apply now →

Job description

L1 SOC Analyst (Security Operations Center) Role Summary We are seeking a proactive and detail-oriented L1 SOC Analyst to join our Security Operations Center (SOC) team. The role involves 24x7 monitoring, triage, and initial investigation of security alerts, ensuring timely identification and response to potential security threats. The analyst will work across multiple security tools and collaborate with cross-functional teams to support end-to-end incident management. Key Responsibilities Security Monitoring & Incident Triage Perform continuous monitoring (24x7 rotational shifts) of security alerts across multiple platforms. Analyze and triage alerts generated from SIEM, EDR, email security, and network security tools. Identify potential security incidents, anomalies, and suspicious activities. Prioritize incidents based on severity and business impact. Incident Handling & Response Execute end-to-end incident handling (L1 level) including detection, initial validation, containment support, and escalation. Document incidents clearly in ServiceNow or designated ticketing systems. Escalate validated incidents to L2/L3 teams with detailed analysis and context. Follow SOPs, playbooks, and incident response procedures. Tool Monitoring & Analysis Work across the following security technologies: SIEM: Azure Sentinel EDR/XDR: Cortex XDR, CrowdStrike, Microsoft Defender CASB/SSE: Netskope Email Security: Proofpoint, Abnormal Security Threat Intelligence: Recorded Future Web/Application Security: Akamai Sandboxing Tools: Malware analysis and detonation platforms Threat Intelligence & Correlation Utilize threat intelligence feeds (e.g., Recorded Future) for alert enrichment. Correlate events across multiple tools for improved detection accuracy. Identify common attack patterns and assist in proactive threat detection. Reporting & Documentation Maintain accurate and timely incident records, logs, and reports. Prepare daily/weekly SOC reports and dashboards. Ensure compliance with audit and documentation standards. Required Skills & Qualifications Technical Skills Basic understanding of SOC operations, cybersecurity concepts, and threat landscape Familiarity with: SIEM tools (Azure Sentinel preferred) Endpoint security (Cortex XDR, CrowdStrike, Defender) Email security solutions (Proofpoint, Abnormal) CASB (Netskope) Web security (Akamai) Threat intelligence platforms (Recorded Future) Knowledge of: Incident response lifecycle MITRE ATT&CK framework (basic understanding preferred) Networking fundamentals (TCP/IP, DNS, HTTP/HTTPS) Soft Skills Strong analytical and problem-solving skills Effective communication skills (written & verbal) Ability to present findings with clarity (basic presentation skills) Ability to work under pressure in a 24x7 environment Strong attention to detail and documentation discipline Experience & Education 03 years of experience in SOC / Cybersecurity / IT Security Bachelors degree in Computer Science, Information Security, or related field Relevant certifications (preferred but not mandatory): Security+ SC-200 (Azure Sentinel) CEH / CySA+ Shift Requirements Willingness to work in 24x7 rotational shifts, including weekends and holidays. Key Competencies Incident triage & escalation discipline Tool-based alert investigation Process adherence (SOP-driven) Collaboration across SOC tiers Continuous learning mindset Nice to Have Exposure to automation / SOAR tools Basic scripting (PowerShell, Python) Experience in ticketing tools (ServiceNow) Disclaimer : This job posting has been aggregated from external source. Role details, content, and availability are subject to change. Applicants are advised to confirm the latest information directly on the company website before applying.