
SIEM Analyst/Incident Responder/Threat Hunter  

Subramaniam Hemamalini (Proprietor of Live Connections)
Noida | 32-34 LPA | Posted 9 Mar 2026
FULL TIME
Skills: Splunk, SIEM, Incident Response, Threat Hunting, EDR

Job Description

Location: Hybrid, 24x7 Shifts

Job Type: Full-Time (Rotational Shift Model, including weekends and holidays)

Experience: L3 – 7+ Years in SOC Operations / Threat Detection

Skill Required: Splunk SIEM and SOAR

Job Summary

As an L3 Security Analyst you will be responsible for advanced-level security operations, including incident handling, threat analysis, and platform optimization. You will act as the final escalation point for security incidents, provide deep technical expertise, and contribute to proactive threat detection strategy.

Roles & Responsibilities

· Act as the escalation point for all security incidents.

· Perform advanced threat hunting and forensic investigations using SIEM/SOAR.

· Lead incident response activities, including containment, eradication, and recovery.

· Develop and fine-tune automated response playbooks for security incidents.

· Design and execute proactive threat hunting activities using advanced hunting (Kusto Query Language - KQL).

· Analyse emerging threat intelligence and correlate it with telemetry for enhanced detection.

· Develop custom detection rules and automated workflows for threat mitigation.

· Act as the SME (Subject Matter Expert) and provide technical guidance to L1 and L2 analysts.

· Conduct root cause analysis (RCA) and contribute to post-incident review reports.

· Collaborate with OEM support teams for issue resolution and product improvements.

· Provide technical recommendations to improve endpoint security posture.

Technical Skills:

· Expertise in SIEM/SOAR platforms.

· Strong understanding of MDR, XDR, SIEM and SOAR.

· Proficiency in Kusto Query Language (KQL) for advanced threat hunting.

· Deep knowledge of Windows, macOS, and Linux endpoint security and attack techniques (MITRE ATT&CK framework).

· Experience in forensic investigations and malware analysis.

· Strong scripting and automation skills (PowerShell, Python preferred).

· Familiarity with cloud security (Azure Defender, M365 Defender, Defender for Cloud).

Soft skills

· Good verbal and written communication skills

· Willing to work in a 24x7 environment

· Travel may be assigned from time to time

· A continual system-improvement mindset, demonstrated in day-to-day work

· Client-facing technical analysis, report-writing and presentation skills
