Role Overview

We are looking for an experienced Security Operations Analyst to strengthen our defense capabilities through advanced monitoring, investigation, and incident response.

Responsibilities:

- Investigate SIEM/XDR alerts, perform escalation, and document findings/runbooks.
- Create and tune detection rules, dashboards, and reports to reduce false positives.
- Conduct threat hunting and hypothesis-driven investigations; maintain a hunt backlog.
- Support incident response tasks: triage, containment, basic forensics, and recovery validation.
- Ensure logging health and data quality; collaborate with Infra/App teams to onboard new log sources.
- Contribute to SOAR playbook development and continuous improvement efforts.
Requirements:

- 35+ years of experience in SOC/Security Operations/Incident Response (L2/L3 level).
- Daily hands-on experience with SIEM/XDR and EDR telemetry; strong triage and query skills.
- Solid understanding of attack techniques and MITRE ATT&CK mapping.
- Familiarity with Windows/Linux/AD logs, network/WAF/firewall events, and email/SaaS security signals.
- Experience with ITSM processes and producing clear incident notes/evidence.
- Basic scripting or query skills for enrichment and automation tasks.