SOC Engineer, L1

Role: SOC Analyst (Level -1)Location: BengaluruShift Timing: Rotational Shift (9-hrs * 5 Days a week) – Hybrid. 
Position Summary:SOC Analyst Level-1 works within the 24/7 Cyber Security Fusion Centre to monitor security alerts, respond to and remediate detected issues, and work with the Incident Management process to remove threats and vulnerabilities within the organization. The role collaborates with other infrastructure and operational teams to maintain a secure environment and for incident response capabilities. This position will perform security event analysis, incident response, and other related activities as part of a global 24x7x365 organization.

WHAT YOU WILL BE DOING

• Responsibilities
• Strong understanding of cybersecurity principles, best practices, and industry standards, including knowledge of common attack vectors, vulnerabilities, and threat landscapes. 
• Proficiency in detecting and analyzing security incidents, identifying indicators of compromise (IOCs), and effectively responding to and mitigating security threats.
• Familiarity with security tools such as SIEM (Security Information and Event Management) systems, IDS/IPS (Intrusion Detection/Prevention Systems), firewalls, antivirus software, and endpoint protection solutions, and the ability to utilize these tools effectively. 
• The candidate should be skilled at analyzing security logs, network traffic, and system event data to identify patterns, anomalies, and potential security breaches and efficient in conducting incident investigations.
• Knowledge of threat intelligence sources, methodologies, and tools to gather and analyse information on emerging threats, vulnerabilities, and attack techniques. Understanding of network protocols, architecture, and administration, as well as knowledge of operating systems (Windows, Linux, etc.) and their security configurations. 
• Strong analytical thinking and problem-solving abilities to analyze complex security issues, identify root causes, and propose appropriate solutions or mitigations. 
• A mindset of continuous learning, staying updated with the latest security trends, technologies, and threats, and the ability to adapt to evolving security landscapes and emerging technologies.

WHAT YOU BRING

• Qualifications: 
• 2 years of working experience in Security Operation Centre
• Education: A bachelor’s degree in computer science, Information Technology, Cybersecurity, or a related field is often preferred.


• Must have Skills:
• Willing to work in shifts - 24/7 schedule (9-hour shift model with five working days a week).
• Minimum three years of experience required in security incident response or security operations centre (SOC) with strong analytical.
• Strong problem-solving skills to assess and address security challenges, identify threats, and collaborate on appropriate solutions to mitigate risks.
• Strong working knowledge of security-relevant data, including network protocols, ports, and common services, such as TCP/IP and application layer protocols (e.g., HTTP/S, DNS, FTP, SMTP, IAM, etc.).Should have a good understanding of alerts generated by (SIEM, EDR, Antivirus, Email Security Gateway, DLP, CNAPP, WAF, VPN & various log sources).The ability to analyse complex security data, identify patterns, and draw meaningful insights from various sources to detect and respond to security incidents effectively.
• Candidate should know security concepts such as cyber-attacks and techniques, threat vectors, risk management, and incident management. etc
• Knowledge of Windows and/or Unix-based systems/architectures and security best practices and concepts.
• Handling End User reported Cybersecurity events and requests on content filtering using Sophos XDR for blocking and unblocking URLs.
• Flexibility and the capacity to adapt quickly to evolving security landscapes, emerging threats, new technologies, and changing priorities.
• Ability to communicate technical details effectively in writing and verbally to IT personnel and management. 


• Good To have:
• Certifications such as CompTIA Security+ and Certified Ethical Hacker (CEH) are beneficial.
• Good understanding of AWS and Azure environments and vulnerability management.
• Proficiency in scripting or programming languages (e.g., Python, PowerShell) for automation and tool development.