SOC Engineer - L3
Location: Hyderabad
Mode: Hybrid
Role Summary
Act as the senior-level analyst responsible for handling complex security incidents and advanced threats.
Lead investigations, triage escalations from L1 / L2 analysts, and coordinate response actions.
Serve as the technical expert for SOC operations, threat detection, and remediation.
Key Responsibilities
Lead investigation and response for high-severity incidents (P1 / P2).
Perform root cause analysis and advanced threat hunting.
Guide L1 / L2 analysts on incident investigation procedures.
Coordinate with IT, network, application, and security teams for containment and remediation.
Develop and maintain incident response playbooks and standard operating procedures (SOPs).
Analyze alerts from SIEM, SOAR, EDR, NDR, WAF, and cloud security tools.
Identify patterns, anomalies, and emerging threats using threat intelligence.
Conduct malware analysis, phishing investigation, and forensic analysis when required.
Integrate threat intelligence into SOC workflows and monitoring systems.
Tune SIEM, SOAR, and detection rules for accuracy and efficiency.
Develop automation scripts and workflows to reduce manual SOC tasks.
Mentor and train L1 / L2 analysts on advanced detection techniques.
Participate in SOC process improvement initiatives.
Provide clear and detailed incident reports to SOC Manager and leadership.
Communicate threat impact and resolution status to internal stakeholders.
Support audit, compliance, and regulatory reporting requirements.
Collaborate with Red Team, Vulnerability Management, and CTI teams.
Qualifications & Skills
Education & Certification
Bachelor's or Master's degree in Computer Science, Information Security, or a related field.
Relevant certifications preferred: CISSP, GCIA, GCIH, CEH, OSCP, Splunk / QRadar / Sentinel certs.
Technical Skills
Advanced knowledge of:
SIEM / SOAR platforms (Splunk, QRadar, Sentinel, etc.)
Endpoint detection & response (CrowdStrike, Trellix, Defender, etc.)
Network, cloud, and web application security
Malware analysis, threat hunting, and forensic investigations
Experience with scripting / automation (Python, PowerShell, Bash).
Familiarity with the MITRE ATT&CK framework and TTP analysis.
Soft Skills:
Strong analytical and problem-solving abilities.
Ability to work under pressure during critical incidents.
Excellent communication and documentation skills.
Team mentoring and knowledge-sharing aptitude.
Experience:
8-10 years in cybersecurity operations or SOC environment.
At least 2-3 years in advanced incident response or L3 SOC roles.
Experience in enterprise SOC or MSSP SOC preferred.