SOC Analyst

Key Responsibilities

• Monitor and analyze security alerts across enterprise infrastructure.
• Perform incident triage, investigation, containment, eradication, and recovery.
• Conduct deep log analysis across network, endpoint, identity, email, and cloud sources.
• Investigate phishing, malware infections, account compromise, lateral movement, and data exfiltration attempts.
• Perform proactive threat hunting and identify anomalous activity.
• Analyze network traffic and security events to detect suspicious behavior.
• Respond to identity-based threats including credential abuse and unauthorized access attempts.
• Support cloud security monitoring and identify configuration risks.
• Collaborate with infrastructure, cloud, and IT teams for remediation.
• Develop and enhance detection use cases and response playbooks.
• Prepare detailed incident reports including root cause analysis and mitigation recommendations.

• Provide continuous (24x7) security monitoring and incident response support in a shift-based environment.
• Minimum 2+ years of experience in a Security Operations Center (SOC) or Incident Response role.
• Proven experience handling end-to-end security incidents.
• Strong experience analyzing logs from firewalls, endpoints, email systems, cloud platforms, and identity providers.
• Experience investigating phishing, malware, insider threats, and web-based attacks.
• Experience working in enterprise environments with cloud-based infrastructure and SaaS applications.
• Hands‑on experience with endpoint detection and response concepts.
• Understanding of identity and access management, MFA, and conditional access controls.
• Strong knowledge of networking fundamentals (TCP/IP, DNS, HTTP/S).
• Experience reviewing and correlating raw log data for threat detection.
• Familiarity with vulnerability management processes.

• Security event monitoring and correlation
• Incident response lifecycle management
• Threat hunting methodologies
• Endpoint security investigation