We are looking for a proactive and experienced L2 Security Operations Analyst to strengthen our Security Operations Centre (SOC) team. This role will be responsible for detecting, analysing, and responding to cybersecurity incidents in a hybrid infrastructure comprising AWS Cloud, on-prem infrastructure, and diverse endpoint systems including Linux, Windows, and macOS. The candidate should have hands-on experience with SIEM, EDR, firewalls, and cloud-native security tools, along with a solid understanding of threat landscapes and incident response processes.
Responsibilities
Act as the first level of the escalation point to L1 team and investigate, validate, and escalate security alerts received from SIEM and other monitoring tools.
Monitor and analyse security events from various sources including CNAPP, SIEM, EDR, firewalls, AWS CloudTrail, Guard Duty, and endpoint logs.
Triage security alerts and escalate incidents based on severity and impact.
Correlate data across sources to identify patterns of malicious activity and potential breaches.
Review and refine detection use cases and rule tuning to reduce false positives.
Update and maintain incident response runbooks and knowledge base.
Assist in the development of automation using SOAR platforms for repetitive tasks.
Document incidents, root cause analysis, and lessons learned in a structured and timely manner. Provide regular status reports and metrics to SOC leads and management.
Collaborate with infrastructure, application, and IT teams for investigation and remediation.
What are we looking for in you?
Bachelor’s degree in information security, Computer Science, or related field.
3–6 years of experience in a SOC or cybersecurity operations role.
Proficiency with SIEM tools (e.g., Sentinel, Splunk).
Hands-on experience with EDR/XDR platforms (e.g., CrowdStrike, Sentinel One).
Strong understanding of network protocols, operating systems, malware analysis, and threat actor behaviour.
Familiarity with frameworks such as MITRE ATT&CK, NIST CSF,
Incident response and investigation skills, including log analysis and packet inspection.
Experience with ticketing systems and incident tracking tools.
Key Skills
Ranked by relevance
Related Jobs
3 roles aligned with this opportunity
Security Operations Center (SOC) Analyst
2026-07-01
Security Operations Center (SOC) Analyst
2026-07-01
Information Security Manager in the Baltic IT & Information Security team | SEB, Vilnius
2026-07-03
- Posted
- Apr 25, 2025
- Type
- Full-time
- Level
- Associate
- Location
- Bengaluru
- Company
- mPokket
Industries
Categories
Related Jobs
3 roles aligned with this opportunity
Security Operations Center (SOC) Analyst
2026-07-01
Security Operations Center (SOC) Analyst
2026-07-01
Information Security Manager in the Baltic IT & Information Security team | SEB, Vilnius
2026-07-03