Talent.com
SOC Analyst II

Confidential
Bengaluru / Bangalore, India
21 days ago
Job description

We're looking for a skilled and curious SOC Analyst II to help strengthen our real-time threat detection and incident response capabilities. You'll be at the front line of our security operations, monitoring real-time threats, fine-tuning detection systems, and leading incident investigations across cloud and on-prem environments. If you thrive in a high-stakes environment, love connecting the dots across logs and alerts, and are passionate about staying one step ahead of adversaries, this one's for you.

What You'll Do

  • Monitor and analyze security events across infrastructure, applications, and cloud environments using SIEM tools (especially Wazuh) and endpoint monitoring solutions.
  • Investigate alerts from WAF, DDoS protection platforms, intrusion detection / prevention systems, DLP, AV, Network Security, and perform initial triage, containment, and escalation of incidents.
  • Correlate logs and security data to detect threats, suspicious behavior, and policy violations using MITRE ATT&CK or other frameworks.
  • Maintain and fine-tune detection rules and correlation logic in Wazuh SIEM and other log aggregation platforms.
  • Respond to and manage security incidents (SOC L2 / L3 level) — perform root cause analysis, coordinate with stakeholders, and assist in recovery and documentation.
  • Operate and support network and application layer firewalls, DDoS mitigation platforms, and threat intelligence feeds.
  • Assist in defining and implementing security use cases, dashboards, and alerting mechanisms based on emerging threats and internal risk scenarios.
  • Collaborate with IT and DevOps teams to ensure logging, alerting, and telemetry coverage across servers, applications, APIs, and containers.
  • Contribute to the development of playbooks, SOPs, and knowledge base articles to standardize SOC operations and response.
  • Participate in threat hunting activities, post-incident reviews, and red / blue team exercises to strengthen detection capabilities.

What You Bring

  • Bachelor's degree in Computer Science, Information Security, or equivalent experience in SOC or IT Security operations.
  • 3–6 years of experience working in a SOC, MSSP, or security operations environment.
  • Proven hands-on experience with SIEM tools — ideally Wazuh, ELK Stack, or similar open-source and enterprise SIEM platforms.
  • Strong understanding of Web Application Firewalls (WAF), anti-DDoS technologies, and network traffic analysis.
  • Experience monitoring and defending Linux / Windows environments, cloud platforms (AWS / GCP / Azure), and containerized infrastructure (Docker / Kubernetes).
  • Familiarity with threat intelligence, IOC enrichment, and behavioral analytics tools and processes.
  • Solid understanding of TCP / IP, DNS, HTTP, SSL / TLS, and common attacker techniques (reconnaissance, lateral movement, privilege escalation).
  • Experience with log parsing, data normalization, and use of regex, JSON, or scripting (Python / Bash) to automate analysis.
  • Good grasp of cybersecurity frameworks and standards like MITRE ATT&CK, NIST CSF, CIS Controls.
  • Ability to manage incidents with calm, clarity, and attention to detail — both independently and in collaboration with teams.

Why Join Us

  • Be part of a modern SOC function that values automation, continuous learning, and collaboration.
  • Get exposure to real-time security challenges across fintech, cloud, and SaaS ecosystems.
  • Be part of a forward-looking team that's actively exploring AI in security, both as a threat and a tool.
  • Enjoy a learning-driven culture with support for certifications, research, and community engagement.

Skills Required

Network Security, Bash, HTTP, DNS, JSON, SIEM Tools, ELK Stack, Windows, GCP, Docker, Linux, Behavioral Analytics, Threat Intelligence, Regex, Azure, Kubernetes, Python, AWS
