Job Description

Project Role :

Security Architect

Project Role Description :

Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.

Must have skills :

Security Information and Event Management (SIEM) Operations

Good to have skills :

NA

Minimum

2

year(s) of experience is required

Educational Qualification :

15 years full time education



Summary: As an L1 SOC Analyst you are the first line of defense in monitoring and triaging security alerts. You will work primarily with Sumo Logic SIEM and SOAR tools to identify potential security incidents, validate alerts, and escalate them according to the defined SOPs. You will ensure real-time visibility and log health while flagging suspicious activity promptly. This role is essential to ensuring timely detection and reducing noise from false positives Roles & Responsibilities: -Basic Security Knowledge: Understanding of key concepts (malware, phishing, brute force, etc. -SIEM Familiarity: Exposure to Sumo Logic UI and understanding how to read/query logs -Exposure to CrowdStrike Falcon Console: Ability to view and interpret endpoint alerts -Alert Triage: Ability to differentiate between false positives and real threats -Communication Skills: Clear written documentation and verbal escalation -Ticketing Systems: Familiarity with platforms like JIRA, ServiceNow, or similar -Basic understanding of cybersecurity fundamentals -Basic Scripting: Awareness of PowerShell or Python for log parsing -SOAR Exposure: Familiarity with automated triage workflows -Security Certifications: Security+, Microsoft SC-900, or similar certification -Operating System Basics: Windows and Linux process and file system awareness Professional & Technical Skills: -Monitor real-time alerts and dashboards in Sumo Logic SIEM -Perform initial triage on alerts and determine severity/priority -Escalate validated security incidents to L2 analysts per defined SOPs -Follow pre-defined SOAR playbooks to document or assist in response -Ensure alert enrichment fields are populated like host info, user details, etc. -Conduct basic log searches to support alert analysis -Perform daily health checks on log sources and ingestion pipelines -Maintain accurate ticket documentation for each alert handled -Participate in shift handovers and team sync-ups for awareness -SIEM: Basic log searching, correlation rule awareness -SOAR: Familiarity with playbook execution -Security Concepts: Basic understanding of malware, phishing, brute force -Tools: CrowdStrike EDR, Sumo Logic Additional Information: - The candidate should have minimum 2 years of experience in Security Information and Event Management (SIEM) Operations. - This position is based at our Bengaluru office. - A 15 years full time education is required.




15 years full time education