SOC Analyst, Level 2
Protera
Cyber SecuritySplunk
SOC Analyst, L2
Protera
full-time
Posted on:
Location Type: Remote
Location: Remote • 🇮🇳 India
Visit company websiteJob Level
Mid-LevelSenior
Tech Stack
CloudCyber SecuritySplunk
About the role
- Maintain the organization’s cybersecurity posture through continuous monitoring, detection, and incident response.
- Identify and mitigate security threats in real time using advanced technologies.
- Contribute to the design and development of automated playbooks.
- Monitor and analyze security alerts from SIEM, EDR, NDR, FIM, and Antivirus platforms.
- Perform correlation and pattern analysis across multiple data sources.
- Continuously tune and optimize detection rules.
- Execute incident response lifecycle activities including triage and containment.
- Document incidents thoroughly, providing root cause analysis.
- Support post-incident reviews to identify control gaps.
- Develop, maintain, and enhance incident response playbooks and runbooks.
- Collaborate with senior analysts to build SOAR playbooks.
- Conduct regular vulnerability assessments and coordinate with IT teams.
- Manage and optimize security tools for operational readiness.
- Track and report on vulnerability remediation metrics.
- Generate detailed reports and dashboards highlighting incident metrics.
Requirements
- 4+ years in SOC operations, cybersecurity, or incident response.
- Strong knowledge of EDR, SIEM, SOAR, NDR, FIM, and Antivirus/NGAV platforms.
- Experience in writing playbooks, automating responses, and tuning detection logic.
- Familiarity with incident handling frameworks, threat hunting, and digital forensics.
- Framework Knowledge: MITRE ATT&CK, Cyber Kill Chain, NIST IR, ISO 27001.
- Certifications (Preferred): CompTIA Security+, CySA+, CEH, Microsoft SC-200, or equivalent.
- Tools Exposure (Preferred):
- - SIEM: Splunk, Microsoft Sentinel, QRadar, Elastic.
- - EDR/NDR: CrowdStrike Falcon, Defender for Endpoint, SentinelOne, Darktrace, Corelight.
- - FIM/AV: Tripwire, Qualys FIM, Trellix/McAfee, Sophos, Bitdefender.
- - SOAR: Cortex XSOAR, Splunk SOAR, Microsoft Sentinel Automation.
- Experience creating and maintaining incident response playbooks and runbooks.
- Ability to perform threat hunting and deep-dive investigation using EDR, NDR, and SIEM telemetry.
- Knowledge of security automation, cloud-native security, and network forensics.
- Strong communication and documentation skills for both technical and executive audiences.
- Works effectively in high-pressure, time-sensitive environments while maintaining precision and accuracy.
Benefits
- Work from Home set-up
- Comprehensive medical benefits
- Gratuity, PF, EPS and Bonus, NPS
- Shift Allowances
- On-call Allowance
- Health and wellness Allowances
- Learning and Development Allowances
- No question asked certification policy.
- Certification Bounty Bonus
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
cybersecurityincident responsevulnerability assessmentthreat huntingdigital forensicsplaybook automationdetection logic tuningcorrelation analysisroot cause analysissecurity automation
Soft skills
strong communication skillsdocumentation skillsability to work under pressureprecisionaccuracy
Certifications
CompTIA Security+CySA+CEHMicrosoft SC-200
