SIEM Analyst/Incident Responder/Threat Hunter
Job Description
Job Description for SIEM Analyst/Incident Responder/Threat Hunter – L2
Location: Hybrid, 24x7 Shifts
Job Type: Full-Time (Rotational Shift Model, including weekends and holidays)
Experience: L2 - 4–6 Years in SOC Operations / Threat Detection
Skill Required: Splunk SIEM and SOAR
Job Summary
The L2 Security Analyst will be responsible for real-time monitoring, investigation, and response to identity-based and endpoint security threats using Microsoft Defender for Endpoint (MDE). This role requires 24x7 support coverage and collaboration with global security teams to ensure threat detection, containment, and remediation in a fast-paced environment.
Candidate Persona
· Ability to work with very large and complex network.
· Self-motivated individual and creative thinker who will take ownership of tasks and projects, able to work with the team, and manages tasks effectively and has a proven track record of consist and organized outputs.
· The ideal candidate will demonstrate an eagerness to understand complex problems and requirements, an aptitude for translating these problems into workable designs and solutions and will possess a keen eye for detail.
· This position is based in India
· Having knowledge/experience on any SIEM tools or Experience on IDS (Intrusion Detection systems) platform and Network Security roles.
· Exposure to Mitre framework and equivalent, Hands-on experience in EDR platforms and threat analysis, threat hunting/incident response experience.
· Experience and knowledge in Network security/ System Security/ Endpoint Security.
· Experience of Event Monitoring and analysis and escalations. Provide inputs for content management.
· Experience on Monthly, Weekly and daily reporting.
· Willing to work on 24/7 operations.
· Review SIEM escalated incidents and qualify true positives
· Provide a monthly trend and security analysis summary report
· Provide SIEM event/Incident analytics support
· Provide log analysis summary and recommendations on detection/protection of incidents
· Perform advanced triages and work in collaboration with resolved groups, third party or with designated customer contacts
· Liaise between cross functional teams and assist in formulating security incident response report
· Advocate protection and mitigation strategies to be implemented from lessons learnt exercises
Soft skills
· Shall have good verbal/written communication skills
· Should be willing to work in 24x7 environments
· From time-to-time travel opportunities may be assigned
· Incumbent should carry continual system improvement mindset and able to demonstrate in work.
· Client facing technical analysis report and presentation skills