We are looking for a hybrid expert in cybersecurity operations and AI engineering to lead the development, customization and operationalization of AI-powered SOC automation systems.
This role will bridge the gap between frontline SOC operations and backend AI / ML capabilities, driving intelligent alert triage, threat detection and incident response automation through tools like Intezer, Cortex XSOAR and custom AI pipelines.
You will play a key role in both defending the organization and building the intelligent systems that scale our defenses.
Key Responsibilities
SOC & Threat Detection (Analyst Responsibilities) :
Monitor and triage security alerts using AI-assisted tooling.
Analyze, investigate and escalate incidents using threat intel and log data.
Provide threat context, root cause analysis and response recommendations.
Fine-tune detection rules, behavioral baselines and IOC correlations.
Serve as SME for SOC use cases and automation requirements.
AI Engineering & Automation :
Design and maintain ML models for anomaly detection, classification and triage.
Build automation workflows using SOAR platforms (e.g. Cortex XSOAR).
Integrate AI models with SIEM, EDR, TIP and other SOC data sources.
Develop feedback loops based on SOC analyst input and incident data.
Reduce false positives / negatives through intelligent alert enrichment.
Collaboration & Strategy :
Collaborate with threat intel IR
Drive innovation in SOC tooling through automation and AI.
Maintain documentation, model explainability and audit readiness.
Stay ahead of adversarial threats and AI misuse in cyber contexts.
Qualifications : Must-Have :
3 years in a SOC Analyst, Incident Responder or Threat Hunter role.
2 years developing or applying AI / ML in a cybersecurity or security automation context.
Proficient in Python and ML libraries (Scikit-learn, PyTorch, TensorFlow).
Experience with SIEMs (Splunk, Sentinel, QRadar), SOARs (XSOAR, TheHive) and EDRs (CrowdStrike, Defender).
Strong grasp of MITRE ATT&CK, threat detection and common attack vectors.
Familiarity with APIs, REST, JSON and integration of multiple security platforms.
Nice-to-Have :
Experience with malware classification, threat intel enrichment or sandbox analysis (e.g. Intezer, VirusTotal).
Knowledge of adversarial ML, model hardening or explainable AI in SOC.
Experience with cloud-native security monitoring (AWS / GCP / Azure).
Familiarity with MLOps, data pipelines or model deployment in production.
Additional Information :
At Freshworks we have fostered an environment that enables everyone to find their true potential, purpose and passion, welcoming colleagues of all backgrounds, genders, sexual orientations, religions and ethnicities. We are committed to providing equal opportunity and believe that diversity in the workplace creates a more vibrant, richer environment that boosts the goals of our employees, communities and business. Fresh vision. Real impact. Come build it with us.
Remote Work : No
Employment Type : Full-time
Key Skills
Splunk, IDS, Microsoft Access, SQL, Cybersecurity, Intelligence Experience, Malware Analysis, Tableau, Analysis Skills, SAS, Data Analysis Skills, Analytics
Experience : years
Vacancy : 1
Soc Analyst • Chennai, Tamil Nadu, India