L2/l2.5 security operations center (soc) analystTOCUMULUS • Chennai, Tamil Nadu, India
L2 / l2.5 security operations center (soc) analyst
TOCUMULUS • Chennai, Tamil Nadu, India
1 day ago
Job descriptionClassify and categorize threats (malware, ransomware, APT, credential theft, data exfiltration, etc.) Evaluate threat credibility and validate true positives vs. false positives Assess threat actor capabilities, tactics, techniques, and procedures (TTPs) Determine data exposure and potential impact on organization Execute immediate containment measures to prevent threat propagation Isolate affected systems from network when necessary Coordinate with IT Operations for system remediation and recovery Recommend and implement mitigation strategies Participate in incident response playbook execution Monitor and manage SIEM (Security Information and Event Management) platform Create, modify, and optimize detection rules and correlation searches Develop custom dashboards and reports for security monitoring Tune alert thresholds to reduce false positives while maintaining detection sensitivity Maintain SIEM data integrity and log ingestion from all security sources Manage and maintain EDR (Endpoint Detection & Response) solutions Monitor firewall logs, IDS / IPS alerts, and network anomalies Review and escalate VPN access anomalies and unusual traffic patterns Manage DLP (Data Loss Prevention) incidents and policy violations Monitor and respond to vulnerability scanner findings and exploit attempts Perform manual log analysis to identify suspicious patterns and anomalies Conduct proactive threat hunting campaigns based on threat intelligence Search for indicators of compromise (IOCs) across infrastructure Analyze logs from Windows / Linux systems, applications, and network devices Create hunt packages and queries for recurring threat patterns Escalate incidents to L3 analysts and specialized teams (incident response, forensics, threat intelligence) Determine appropriate escalation path based on incident severity and type Provide clear handoff documentation to specialized teams Monitor ticket status through resolution Perform quality assurance on closed tickets Document all investigations in ticketing system with comprehensive notes Maintain incident timeline and evidence chain of custody Update incident status and metrics tracking Meet SLA requirements for investigation and escalation (typically 4-8 hours for critical incidents) Generate metrics reports for team and management review Mentor L1 analysts on investigation techniques and procedures Review L1 investigations and provide feedback for improvement Create runbooks and playbooks for common incident types Conduct training sessions on new threats, tools, and procedures Share threat intelligence and best practices with SOC team Review L1 alert dispositions and investigation quality Identify gaps in L1 knowledge and provide targeted training Validate that proper procedures are followed Suggest process improvements based on L1 experiences 3-5 years experience in SOC, threat detection, or incident response Proficiency with SIEM platforms (Splunk, Arc Sight, QRadar, or similar) Hands-on experience with EDR solutions (Crowd Strike, Microsoft Defender, Sentinel One) Strong understanding of security frameworks (MITRE ATT&CK, NIST Cybersecurity Framework) Knowledge of incident response processes and procedures Experience with security monitoring tools and techniques Strong understanding of networking (TCP / IP, DNS, HTTP / HTTPS, VPN, firewalls) Windows and Linux system administration fundamentals Knowledge of common attack vectors and threat landscape Ability to read and interpret logs (Windows Event Logs, Syslog, firewall logs, web logs) Understanding of malware analysis concepts (static vs. dynamic analysis) Basic scripting knowledge (Python, Bash, or Power Shell) for automation tasks Excellent analytical and problem-solving abilities Strong attention to detail and accuracy Ability to work through complex investigations methodically Data-driven decision making Pattern recognition and anomaly detection capabilities Excellent written communication for incident reports and escalations Ability to clearly explain technical findings to non-technical stakeholders Strong documentation and note-taking practices Clear verbal communication with team members and other departments Threat Intelligence : Experience consuming and applying threat intelligence Advanced Forensics : Digital forensics or malware analysis experience Automation : Experience with Python, Ansible, or similar for playbook automation Cloud Security : Experience with AWS, Azure, or GCP security monitoring Certifications : GIAC Security Essentials (GSEC), CEH, Security+, CISSP, or similar Incident Response : Prior incident response team experience Vulnerability Management : Experience with vulnerability assessment and remediation Compliance : Knowledge of compliance frameworks (PCI-DSS, HIPAA, SOC 2, ISO 27001
Position Overview
We are seeking a skilled and detail-oriented L2 / L2.5 Security Operations Center (SOC) Analyst to join our Security Operations team. This role sits at the critical intersection of threat detection, incident investigation, and escalation management. The successful candidate will be responsible for identifying, investigating, and responding to security threats while mentoring L1 analysts and collaborating with senior security teams.
Position Type : Full-time
Location : (On-site / Hybrid / Remote)
Experience Level : 8 years in cybersecurity / SOC operations.
Key Responsibilities
Tier 2 Incident Analysis & Investigation (45%)
Alert Triage & Investigation :
- Analyze and investigate alerts / incidents escalated from L1 analysts
- Determine incident severity, scope, and impact on business operations
- Conduct root cause analysis for security events and anomalies
- Perform deep-dive forensic analysis on suspicious activities
- Create detailed incident investigation reports with findings and recommendations
Threat Assessment :
Incident Containment & Response :
SIEM & Security Tool Management (25%)
SIEM Platform Operations :
Security Tool Administration :
Log Analysis & Threat Hunting :
Escalation & Ticket Management (15%)
Alert Routing & Escalation :
Ticket Management :
L1 Analyst Support & Mentoring (10%)
Knowledge Transfer :
Quality Assurance :
Technical Competencies
Required Skills (Must Have)
Security Operations :
Technical Knowledge :
Analytical Skills :
Communication & Documentation :
Desired Skills (Nice to Have)
Create a job alert for this search
Soc Analyst • Chennai, Tamil Nadu, India
Related jobs
We are seeking a skilled and detail-oriented L2 / L2.Security Operations Center (SOC) Analyst to join our Security Operations team.
This role sits at the critical intersection of threat detection, inc...Show more
Greetings from “HCL Software” Is a Product Development Division of HCL Tech!!.HCL Software” : - Is a Product Development Division of HCL Tech : That operates its primary Software Business.At HCL Soft...Show more
Cyber Security Specialist
Innefu Labs • Chennai, IN
We are seeking experienced and detail-oriented professionals for the role.The selected candidates will be responsible for assisting cybercrime investigations by collecting and analysing digital evi...Show more
Last updated: 25 days ago • Promoted
Lead Security Engineer
Arcana • Chennai, IN
As our Lead Security Engineer, you'll own and elevate Arcana's overall security posture - cloud, on-prem, and everything in between.
You'll design and enforce policies, automate controls, and harden...Show more
Last updated: 30+ days ago • Promoted
Security Operations Center Analyst
Yubi • Chennai, Tamil Nadu, India
Securities Roles and Responsibilities.Confidential and Proprietary Information of CredAvenue Private Limited (‘Yubi’).Only expressly authorized for individuals under obligations of confidentiality ...Show more
Last updated: 17 days ago • Promoted
Director of corporate Information Security
Chargebee • Chennai, Tamil Nadu, India
The Director / Head of Information Security will lead Chargebee’s Corporate Information Security function, working in close partnership with the Enterprise Cyber security (ECS) which manages produc...Show more
Last updated: 17 days ago • Promoted
Senior Application Security Engineer
Sphera • Chennai, IN
Sphera is a leading global provider of enterprise software and services that enables companies to manage and optimize their environmental, health, safety and sustainability.Our mission is to create...Show more
Last updated: 16 days ago • Promoted
L2 / L2.5 Security Operations Center (SOC) Analyst
TOCUMULUS • Chennai, Tamil Nadu, India
We are seeking a skilled and detail-oriented L2 / L2.Security Operations Center (SOC) Analyst to join our Security Operations team.
This role sits at the critical intersection of threat detection, inc...Show more
Last updated: 3 days ago • Promoted
L2 / L2.5 Security Operations Center (SOC) Analyst
Theomnihire • Chennai, TN, in
Quick Apply
Last updated: 4 days ago
Security Analyst
Exela Technologies • Chennai, Tamil Nadu, India
Privileged & Confidential Page | 1.Conduct vulnerability assessments and penetration tests to identify security weaknesses in.
Evaluate, rate, and perform risk assessments on assets.Prioritizing vul...Show more
Last updated: 6 days ago • Promoted
AppScan Product _Lead Security Expert _Remote Location
HCLSoftware • Chennai, IN
Remote
Last updated: 6 days ago • Promoted
Senior Application Security Engineer
Bahwan CyberTek • Chennai, Tamil Nadu, India
Proficiency in Application Security, API, AI- Vulnerability Assessment / Penetration Testing, red teaming.Highly skilled and proficient in manual and automated testing using OWASP Top 10 for Web, API...Show more
Last updated: 5 days ago • Promoted
Security Operations Center Architect
Exela Technologies • Chennai, Tamil Nadu, India
Lead and mentor the incident response (IR) team, fostering a culture of continuous improvement and collaboration.Develop, implement, and maintain the organization’s incident response strategy, proc...Show more
Last updated: 25 days ago • Promoted
Senior Security Engineer
CBTS • Chennai, Tamil Nadu, India
Senior level roles as IT Security Architect, IT Security Engineer, IT Security Auditor, Cyber-Security Analyst, Cyber-Intelligence Analyst.
Certifications, Accreditations, Licenses.One or more of th...Show more
Last updated: 30+ days ago • Promoted
WW-IN-Security-ID1097-SOC-JL11
DXC Technology • Chennai, Tamil Nadu, India
Position request for SOC Analyst (Cortex XSIAM) with 5-7 years experience.DXC is seeking an experienced SOC Analyst to support our customer.
As a SOC Analyst you will play a key role in the SOC you ...Show more
Last updated: 17 days ago • Promoted
Cyber Security Analyst
DraconX • Chennai, IN
DraconX is at the forefront of transforming cutting-edge ideas into intelligent, scalable digital solutions.As pioneers in AI business automation and AI-driven SaaS platforms, we specialize in crea...Show more
Last updated: 16 days ago • Promoted
Security Operations Engineer
ITPeopleNetwork • Chennai, IN
We are looking for a junior to mid-level.Saviynt Identity Access Management (IAM / IGA).CyberArk Endpoint Privilege Manager (EPM).
The ideal candidate will assist in user access governance, email thre...Show more
Last updated: 9 days ago • Promoted
Information Security Manager - US
Scrut Automation • Chennai, IN
Job Description : Information Security Manager - US.Position : Information Security Manager - US.Shift Timing : 6 : 00 PM - 3 : 00 AM IST.
Scrut Automation is an information security and compliance monit...Show more
Last updated: 19 hours ago • Promoted • New!
Lead Security Engineer
interface.ai • Chennai, IN
Our cutting-edge Generative AI-powered platform serves over 100 banks and credit unions, delivering hyper-personalized customer interactions across voice, chat, and employee-assisting solutions.To ...Show more
Last updated: 30+ days ago • Promoted
Information Security Analyst
Lexitas • Chennai, Tamil Nadu, India
Lexitas is a high growth company.The Company is built on a belief that having strong personal relationships with our clients, and providing reliable, accurate and professional services, is the driv...Show more
Last updated: 30+ days ago • Promoted