SOC Analyst

Job Description - SOC Analyst (25202211)

Job Description

SOC Analyst - ( 25202211 )

Description

• Incident Investigation & Response: Investigate, analyze, and respond to escalated security incidents; perform root cause analysis and recommend remediation actions; develop and execute incident response playbooks.
• Threat Hunting & Analysis: Conduct threat detection and hunting using SIEM, IDS/IPS, endpoint detection, and other tools; analyze logs, network traffic, and system behavior to identify threats and vulnerabilities.
• Collaboration & Escalation: Collaborate with L1 SOC Analysts, engineering teams, and senior incident responders (L3 Analysts) for complex incidents; engage in investigations and containment efforts; assist in post-incident reviews.
• Security Monitoring & Reporting: Monitor security tools for anomalies; generate reports and dashboards on security incidents and trends; recommend improvements to security monitoring and tool configurations.
• Documentation & Compliance: Document incidents and investigations; maintain and update incident response procedures; ensure compliance with relevant security frameworks and standards (e.g., PCI-DSS, ISO 27001, GDPR).

· Bachelor's degree in Information Security, Computer Science, or a related field.

· Minimum 3-5 years of experience in a Security Operations Center (SOC) or cybersecurity operations role.

· Experience working with SIEM tools (e.g., Splunk, QRadar, ArcSight) and IDS/IPS systems.

· Experience in handling incidents such as malware infections, DDoS attacks, phishing attempts, and insider threats.

· Hands-on experience with network analysis tools (Wireshark, tcpdump), malware analysis, and endpoint protection platforms.

· Strong understanding of security protocols, vulnerabilities, attack vectors, and threat landscapes.

· Certifications such as CEH, GCIA, GCIH, CompTIA CySA+ or other relevant certifications are highly desirable.