L

SOC Analyst L3

Lenovo · Bengaluru, Karnataka, India

6–14 yrs experiencefull_timePosted 3w ago
Apply now →

Job description

**Technical Specialist / SOC Analyst L3 (Cyber Security)** We are looking for an experienced Cyber Security professional with strong expertise in Security Operations Center (SOC), SIEM, Incident Response, and Threat Detection. In this role, you will act as a senior SOC analyst and technical expert responsible for monitoring, investigating, and responding to complex security incidents while continuously improving detection capabilities and SOC processes. **What Youll Do** - Monitor, investigate, and respond to cyber security incidents - Analyze security alerts, logs, and suspicious activities across networks, endpoints, firewalls, and cloud environments - Work on SIEM, EDR/XDR, IDS/IPS, and other SOC security tools - Create and fine-tune detection rules, dashboards, alerts, and reports - Develop custom queries (KQL/Splunk queries etc.) for threat detection and investigations - Reduce false positives and improve SOC detection efficiency - Perform root cause analysis and incident investigations - Support threat hunting and vulnerability analysis activities - Troubleshoot issues related to SIEM/log collection/connectors - Prepare SOC reports, dashboards, and customer updates - Work closely with customers/internal teams to provide recommendations and remediation guidance - Support automation, playbook, and process improvement initiatives - Mentor junior SOC analysts and act as an escalation point for complex issues **Required Skills & Experience** - 8–12 years of experience in Cyber Security / SOC Operations - Strong hands-on experience with SIEM platforms such as Microsoft Sentinel, Splunk, IBM QRadar, etc. - Experience with EDR/XDR tools such as Microsoft Defender for Endpoint or CrowdStrike Falcon - Strong knowledge of Incident Response, Threat Detection, Threat Hunting, and Log Analysis - Hands-on experience creating SIEM correlation rules, dashboards, and reports - Good understanding of networking, firewalls, malware analysis, and security monitoring - Experience working with MITRE ATT&CK framework - Strong troubleshooting and analytical skills - Good communication and stakeholder management skills **Good to Have** - Experience with KQL/Splunk query language - Knowledge of security standards/frameworks like NIST, ISO 27001, HIPAA, FedRAMP - Relevant cyber security certifications such as CISSP, CEH, Security+, GCIH, or Microsoft Security certifications **Ideal Candidate** We are looking for someone who has worked in a mature SOC environment and can independently handle complex security investigations, improve detection capabilities, and support overall SOC operations and transformation initiatives.