SOC L2​/L3 Professional

Location: Bengaluru

Here's a reframed job description for a SOC L2/L3 Professional, tailored to your specifications:
SOC L2/L3 Professional

Location:

Bengaluru

Experience:

4-6 Years
We are looking for a skilled and dedicated  SOC L2/L3 Professional  with  4-6 years of hands-on experience  in a Security Operations Center (SOC) or security technology operations. Based in  Bengaluru , you will play a critical role in our 24/7 security defense, contributing to the detection, analysis, and response to sophisticated cyber threats.
You will be responsible for advanced incident analysis, threat hunting, and leveraging a wide array of security technologies to safeguard our clients' environments. This role requires flexibility to work rotating shifts to ensure continuous support.

Key Responsibilities:

Perform advanced security incident analysis  and response, escalating critical issues to relevant teams and management.
Utilize Security Information and Event Management (SIEM)  tools to monitor security alerts, investigate anomalies, and identify potential threats.
Conduct in-depth analysis of security events  from various sources including IDS/IPS, EDR, DLP, WAF, Proxies, and firewalls.
Contribute to threat hunting initiatives  using threat intelligence to proactively identify hidden threats and vulnerabilities.
Operate and optimize security technologies  such as Endpoint Detection and Response (EDR), Anti-Virus solutions, Sandboxing, and network/host-based firewalls.
Understand and analyze Advanced Persistent Threat (APT)  tactics, techniques, and procedures (TTPs) to enhance detection capabilities.
Recognize and interpret  various attack activities, including network probing/scanning, DDoS attacks, and malicious code activity.
Collaborate with internal and external teams  during incident response, providing technical expertise and guidance.
Document incident details , remediation steps, and contribute to the continuous improvement of SOC processes and playbooks.
Maintain up-to-date knowledge  of the latest cybersecurity threats, vulnerabilities, and industry best practices.

Required Qualifications:

4-6 years of demonstrable experience  working in a Security Operations Center (SOC) or in a strong security technology operations role.
Bachelor's degree  in Computer Science, Information Security, or a related field is preferred.
Willingness and ability to work shifts on a rotating basis  to provide 24/7 support for clients.
Mandatory Skills &

Certifications:

Certifications (one or more highly preferred):
Certified Information Systems Security Professional (CISSP)
GIAC Certified Intrusion Analyst (GCIA)
GIAC Continuous Monitoring (GMON)
Certified Ethical Hacker (CEH)
Or equivalent industry-recognized security certifications.
Security Technologies Expertise:  Security Information and Event Management (SIEM) platforms.
Intrusion Detection/Prevention Systems (IDS/IPS).
Data Loss Prevention (DLP) solutions.
Proxy and Web Application Firewalls (WAF).
Endpoint Detection and Response (EDR) tools.
Anti-Virus and Sandboxing technologies.
Network- and host-based firewalls.
Threat Intelligence platforms and their application.
Exposure to Penetration Testing concepts and methodologies.
Threat Intelligence Knowledge:  Understanding of Advanced Persistent Threats (APT) tactics, techniques, and procedures (TTPs).
Attack Recognition:  Strong understanding of common attack activities such as network probing/scanning, DDoS attacks, and malicious code activity.
Networking Fundamentals:  Solid understanding of common network infrastructure devices (routers, switches) and basic networking protocols (TCP/IP, DNS, HTTP).
Security Architecture:  Basic knowledge in system security architecture and security solutions.