Security Operations Center Analyst

Job Description

Job Title: Senior SOC Analyst (L2/L3) – Threat Detection | SIEM Experience: 8+ Years Key Skills / Keywords: SOC Analyst | Threat Detection | SIEM (ArcSight, Splunk) | Incident Response | EDR (CrowdStrike, SentinelOne) SOAR Automation | Malware Analysis | RCA | CHFI | MITRE ATTCCK | VAPT | Cybersecurity Operations | Red/Blue Team | L3/L4 Security Support | GovTech Cybersecurity | ISO 27001 | NIST CSF Roles and Responsibilities Security Monitoring & Threat Detection: Operate SIEM platforms (ArcSight, Splunk, ELK) for real-time threat visibility Build and tune custom correlation rules, use cases, and threat detection dashboards Perform IOC analysis, log correlation, and malware behavior inspection Incident Response & RCA Ownership: Lead incident triage, containment, and recovery processes Conduct deep forensic investigations using CHFI methodologies (host, network, memory) Document RCA reports, incident timelines, and post-mortem summaries Act as L2/L3 escalation point within the SOC Threat Hunting & Vulnerability Management: Execute threat hunts using MITRE ATTCCK, anomaly baselines, and behavioral analytics Collaborate with VAPT teams on identifying and closing security gaps Analyze exploits and simulated attacks using Metasploit, Burp Suite, OpenVAS, Nessus Automation & Knowledge Sharing: Use or contribute to SOAR platforms and response playbook development Mentor junior analysts and lead security awareness initiatives (KnowBe4) Contribute to internal cyber threat intelligence practices and secure configurations Candidate Profile Experience: 8–12 years in SOC, Threat Detection, and Cybersecurity Operations Role Type: Individual Contributor, L2 Hands-On Specialist Strong communication skills: Able to document, articulate, and coordinate effectively with technical and non-technical stakeholders. Location: Onsite – Manesar, Haryana (Government Sector Deployment) Availability: Immediate or within 1 month Engagement: Full-time via VVNT SEQUOR LLP Preferred Qualifications Bachelor’s in Cybersecurity, Information Security, or IT Certifications preferred: CHFI, CEH, Security+, GCIA, GCFA Splunk Certified Analyst, PCNSE, AWS Security Essentials Experience with: Tripwire, KnowBe4, or Azure Sentinel / AWS GuardDuty