Track This Job
Add this job to your tracking list to:
- Monitor application status and updates
- Change status (Applied, Interview, Offer, etc.)
- Add personal notes and comments
- Set reminders for follow-ups
- Track your entire application journey
Save This Job
Add this job to your saved collection to:
- Access easily from your saved jobs dashboard
- Review job details later without searching again
- Compare with other saved opportunities
- Keep a collection of interesting positions
- Receive notifications about saved jobs before they expire
AI-Powered Job Summary
Get a concise overview of key job requirements, responsibilities, and qualifications in seconds.
Pro Tip: Use this feature to quickly decide if a job matches your skills before reading the full description.
Role Overview
Seeking a skilled and motivated L1/L2 Analyst – Dark Web Monitoring & Threat Intelligence to join our Security Operations Center (SOC) team.
In this role, the analyst will focus on dark web intelligence gathering, analysis, and reporting, leveraging platforms such as CloudSEK to identify potential threats, data leaks, credential exposures, and emerging risks to the customer’s environment. The candidate will also support the wider SOC with actionable threat intelligence to strengthen detection, response, and proactive defense capabilities.
Key Responsibilities
Dark Web Monitoring & Analysis
- Continuously monitor dark web, deep web, and surface web sources using CloudSEK and other threat intelligence tools for indicators of compromise (IOCs), credential dumps, leaked data, and potential threats targeting the customer.
- Identify and analyze mentions of the customer’s brand, infrastructure, domains, or key personnel on illicit marketplaces, forums, and communication channels.
- Perform correlation and enrichment of dark web data with internal telemetry and external threat feeds to derive actionable intelligence.
- Escalate high-severity findings to the SOC Incident Response team with clear analysis and recommendations.
Threat Intelligence Operations
- Support the development and delivery of threat intelligence reports, alerts, and advisories tailored to the customer’s business context and threat landscape.
- Track and profile threat actors, campaigns, and TTPs relevant to the customer’s industry sector.
- Contribute to the creation and tuning of detection use cases in SIEM/EDR platforms based on emerging threat intelligence.
- Assist in integrating threat intelligence feeds into the SOC ecosystem and automating enrichment workflows where applicable.
- Participate in threat hunting exercises and collaborate with detection engineering teams to enhance visibility and defense posture.
Collaboration & Knowledge Sharing
- Work closely with SOC L2/L3 analysts, incident responders, and platform engineering teams to improve detection and response capabilities.
- Document findings, workflows, and intelligence processes in knowledge bases and SOPs.
- Contribute to customer-facing threat briefings and periodic intelligence summaries
Required Qualifications & Skills
Education & Experience:
- 3 Yrs with BE/BTech/MCA
Technical Skills:
- Strong knowledge of SIEM platforms (e.g., Seceon, QRadar, Arcsight, Elastic) and log analysis.
- Hands-on experience with threat intelligence platforms (TIPs) such as CloudSEK, Anomaly, Recorded Future, or equivalent.
- Proficiency in monitoring and analyzing dark web forums, marketplaces, and communication channels.
- Strong understanding of threat actor TTPs, cybercrime ecosystems, and underground economy dynamics.
- Familiarity with SIEM, EDR, and NDR platforms and their integration with threat intelligence feeds.
- Knowledge of MITRE ATT&CK, cyber kill chain, and threat modeling methodologies.
- Basic scripting (Python, PowerShell) for automation and data enrichment is an advantage.
Key Skills
Ranked by relevanceReady to apply?
Join airtel and take your career to the next level!
Application takes less than 5 minutes