I

Security Analyst Level 2 - Siem & Soar

IBM · Bengaluru, Karnataka, India

~₹10L (est.)3–8 yrs experiencefull_timePosted 6 days ago
Apply now →

Job description

**Your Role and Responsibilities:** As SOC Analyst Level 2 & Threat Hunter, you play a vital role in safeguarding an organization's digital infrastructure by identifying, analyzing, and mitigating cyber threats. This position involves using a variety of cybersecurity tools to monitor, prioritize, investigate, and respond to security incidents. **Your primary responsibilities will include:** - Perform advanced analysis of security events and logs across multiple data sources. - Correlate events, conduct deep log reviews, analyze alerts, and validate true positives vs. false positives. - Execute incident triage, classification, and prioritization based on risk and impact. - Conduct advanced root cause analysis (RCA) to identify how incidents originated and evolved. - Analyze IOCs and threat vectors, supporting detection and investigation activities. Analyze Network and Endpoint Events: Interpret security tools and logs from Windows, MAC, and Linux systems to identify potential threats. - Apply threat intelligence feeds to enhance analysis for specific clients and industries. - Identify and interpret signals of exploitation, vulnerabilities, and security gaps. - Collaborate with team members to tune and optimize SIEM/XDR platforms. Provide Actionable Recommendations: Deliver recommendations and responses to clients to enhance their security posture. - Manage technical communication and incident escalation in accordance with defined procedures. - Performing Intel base Threat Hunting using multiple Log Sources - Supporting in a 24x7 Security Operation Centre (SOC) environment. - Develop and maintain automated playbooks, workflows, and response scripts within the SOAR platform. - Collaborate with clients to understand their security requirements and business objectives, refining playbooks based on specific use cases. - Design and develop tailored SOAR playbooks aligned with clients' infrastructure and incident response needs. **Required Education:** Bachelor's Degree **Preferred education** Bachelor's Degree **Required Technical and Professional Expertise:** - Should be BE/B.Tech /MCA/BCA with minimum 5-8 years of expiration in cloud security or cloud infrastructure roles. - Strong experience in advanced log and event analysis. - Proven ability to perform alert correlation, deep investigation, and incident validation. - Hands-on experience with incident triage, classification, and prioritization. - Strong analytical skills to perform root cause analysis. - Experience analyzing malicious behaviors, IOCs, and attack vectors. - Experience in managing SOAR related task - Practical knowledge of threat intelligence consumption and application to detection. - Solid understanding of MITRE ATT&CK framework. - Ability to recognize exploitation techniques, vulnerabilities, and security control gaps. **Preferred Technical and Professional Experience:** - Should be BE/B.Tech /MCA/BCA - Good Communication skills - Client handling exposure ****Years of Experience:**** 5 - 8