Job Description

Project Role :

Security Architect

Project Role Description :

Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.

Must have skills :

Security Information and Event Management (SIEM)

Good to have skills :

NA

Minimum

3

year(s) of experience is required

Educational Qualification :

15 years full time education



Summary: We are seeking an experienced and highly motivated L2 Cyber Security Analyst to join our Security Operations Center (SOC). As an L2 analyst, you will be responsible for investigating and analyzing escalated security alerts, supporting incident response, and proactively hunting for threats within the environment. You will act as a key escalation point for L1 analysts and contribute to improving our overall security posture. Roles & Responsibilities: -Analyze escalated alerts from L1 analysts. -Perform in-depth investigation of security events using SIEM, SOAR and other security tools. -Lead the response to medium- to high-severity security incidents. -Document findings, remediation steps, and lessons learned. -Leverage threat intelligence feeds to enrich investigations and improve detection. -Work with SIEM, EDR, IDS/IPS, and firewall logs for incident detection and investigation. -Assist in creating and tuning detection rules, playbooks, and automation scripts. -Provide feedback on existing detection content for accuracy and efficiency. -Guide and support L1 analysts in incident handling and best practices. -Collaborate with IT and DevOps teams to implement security controls and improvements. -Create detailed reports and dashboards for internal stakeholders. -Maintain incident tickets with accurate timelines and evidence. Professional & Technical Skills: -Experience in cybersecurity, preferably in a SOC or blue team role. -Strong knowledge of cybersecurity concepts, tactics, techniques, and procedures (TTPs). -Experience with SIEM, SOAR platforms (e.g. CrowdStrike Next-Gen SIEM, CrowdStrike Falcon Fusion) -Familiarity with EDR tools (e.g., CrowdStrike, Defender). -Understanding of TCP/IP, DNS, HTTP, email protocols, and common attack vectors. -Experience with scripting languages (e.g., Python, PowerShell) is a plus. Additional Information: - The candidate should have minimum 3 years of experience in Security Information and Event Management (SIEM). - This position is based at our Bengaluru office. - A 15 years full time education is required.




15 years full time education