1,307 Soc Engineer jobs in India

SOC L2 Engineer

Location - Bangalore/Chandigarh

Experience - 4+ years

Hands-on expertise with either IBM QRadar and/or Microsoft Sentinel SIEM platforms

As this is an immediate need, candidates who can join within 30 days may apply.

About the Role: We are seeking a highly skilled and motivated L2 SOC Engineer with 4-6 years of experience in implementing security solutions, maintenance and troubleshooting. The ideal candidate will have deep hands-on expertise with either IBM QRadar and/or Microsoft Sentinel SIEM platforms. You will play a crucial role in integration, monitoring, and analyzing to security tools/incidents, and contributing to the continuous improvement of our security posture.

Key Responsibilities:

• SIEM Administration & Optimization:
• Support the administration, maintenance, and health monitoring of the SIEM platform (QRadar or Microsoft Sentinel).
• Log source integration and parsing.
• Assist with log source onboarding, parser development, and data normalization within the SIEM.
• Contribute to the continuous improvement of SOC processes, playbooks, and standard operating procedures (SOPs).
• Security Monitoring & Incident Response:
• Conduct thorough investigations to determine the scope, root cause, and impact of security incidents (e.g., malware infections, phishing attempts, unauthorized access, denial-of-service attacks).
• Execute incident response procedures, including containment, eradication, and recovery, in accordance with established playbooks and industry best practices (e.g., NIST, MITRE ATT&CK).
• Document all incident details, analysis findings, and remediation steps accurately and comprehensively in the incident management system.
• Collaborate with cross-functional teams (IT operations, network, application development) to facilitate incident resolution and implement corrective actions.
• Participate in on-call rotation as required to ensure 24/7 security coverage.

Required Skills and Qualifications:

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• 4-6 years of hands-on experience in a Security Operations Center (SOC) environment.
• Strong expertise with either IBM QRadar and Microsoft Sentinel, including:
• In-depth knowledge of SIEM components and how it works.
• Good troubleshooting skills.
• In-depth knowledge of log source integration troubleshooting.
• Experience in developing and optimizing correlation rules, use cases, and dashboards.
• Familiarity with log source integration and data ingestion.
• (For QRadar): Experience with QRadar AQL (Ariel Query Language) and building blocks.
• (For Sentinel): Proficiency with KQL (Kusto Query Language) and Azure security services (Azure AD, Azure Security Center, Azure Log Analytics).
• Strong knowledge of network protocols (TCP/IP, HTTP, DNS, SMTP, etc.) and network security concepts (firewalls, IDS/IPS, VPNs).
• Proficiency in analyzing logs from various sources (Windows Event Logs, Linux logs, firewall logs, web server logs, cloud logs).
• Familiarity with scripting languages (e.g., Python, PowerShell) for automation and data analysis is a plus.
• Excellent analytical, problem-solving, and critical thinking skills.
• Strong written and verbal communication skills, with the ability to articulate technical issues to both technical and non-technical audiences.
• Ability to work effectively both independently and as part of a team in a fast-paced environment.

Preferred Certifications (one or more highly desirable):

• Microsoft Certified: Azure Security Engineer Associate (for Sentinel focus)
• IBM Certified Analyst - Security QRadar SIEM

SOC L2 Engineer

Location - Bangalore/Chandigarh

Experience - 4+ years

Hands-on expertise with either IBM QRadar and/or Microsoft Sentinel SIEM platforms

As this is an immediate need, candidates who can join within 30 days may apply.

About the Role: We are seeking a highly skilled and motivated L2 SOC Engineer with 4-6 years of experience in implementing security solutions, maintenance and troubleshooting. The ideal candidate will have deep hands-on expertise with either IBM QRadar and/or Microsoft Sentinel SIEM platforms. You will play a crucial role in integration, monitoring, and analyzing to security tools/incidents, and contributing to the continuous improvement of our security posture.

Key Responsibilities:

• SIEM Administration & Optimization:
• Support the administration, maintenance, and health monitoring of the SIEM platform (QRadar or Microsoft Sentinel).
• Log source integration and parsing.
• Assist with log source onboarding, parser development, and data normalization within the SIEM.
• Contribute to the continuous improvement of SOC processes, playbooks, and standard operating procedures (SOPs).
• Security Monitoring & Incident Response:
• Conduct thorough investigations to determine the scope, root cause, and impact of security incidents (e.g., malware infections, phishing attempts, unauthorized access, denial-of-service attacks).
• Execute incident response procedures, including containment, eradication, and recovery, in accordance with established playbooks and industry best practices (e.g., NIST, MITRE ATT&CK).
• Document all incident details, analysis findings, and remediation steps accurately and comprehensively in the incident management system.
• Collaborate with cross-functional teams (IT operations, network, application development) to facilitate incident resolution and implement corrective actions.
• Participate in on-call rotation as required to ensure 24/7 security coverage.

Required Skills and Qualifications:

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• 4-6 years of hands-on experience in a Security Operations Center (SOC) environment.
• Strong expertise with either IBM QRadar and Microsoft Sentinel, including:
• In-depth knowledge of SIEM components and how it works.
• Good troubleshooting skills.
• In-depth knowledge of log source integration troubleshooting.
• Experience in developing and optimizing correlation rules, use cases, and dashboards.
• Familiarity with log source integration and data ingestion.
• (For QRadar): Experience with QRadar AQL (Ariel Query Language) and building blocks.
• (For Sentinel): Proficiency with KQL (Kusto Query Language) and Azure security services (Azure AD, Azure Security Center, Azure Log Analytics).
• Strong knowledge of network protocols (TCP/IP, HTTP, DNS, SMTP, etc.) and network security concepts (firewalls, IDS/IPS, VPNs).
• Proficiency in analyzing logs from various sources (Windows Event Logs, Linux logs, firewall logs, web server logs, cloud logs).
• Familiarity with scripting languages (e.g., Python, PowerShell) for automation and data analysis is a plus.
• Excellent analytical, problem-solving, and critical thinking skills.
• Strong written and verbal communication skills, with the ability to articulate technical issues to both technical and non-technical audiences.
• Ability to work effectively both independently and as part of a team in a fast-paced environment.

Preferred Certifications (one or more highly desirable):

• Microsoft Certified: Azure Security Engineer Associate (for Sentinel focus)
• IBM Certified Analyst - Security QRadar SIEM

Job Position: SOC Engineer

Location: PAN.

Experience: 5+ to 10+ Years

Must have: Forensics - Others

Roles Responsibilities

• Review daily operational activities and timely mentor junior analysts
• Conduct detailed analysis on escalated events and handover the call to the Incident Response team along with appropriate evidence
• Ensure 100 incidents validation and closure
• Manage shifts and facilitate knowledge transfer within shifts shift handover
• Study attack types and methods while monitoring the environment for threats
• Perform deep dive incident analysis by correlating data from various sources
• Document and archive artefacts for future reference
• Define the criticality of behaviour events based on experience and information security understanding
• Lead operations and act as a security consultant for incidents and s observed
• Guide junior analysts in investigations analysis and categorization
• Monitor various technology dashboards and identify any suspicious activities or anomalies
• Ensure quality check for all s and incidents raised by L1 analysts
• Investigate and close testing incidents defining the steps and processes
• Prepare daily summary reports
• Raise control related concerns such as SOAR and SIEM
• Define operations related activities
• Review IRC SOP and manage all other process documents
• Submit audit data
• Escalate to seniors before the TAT breach
• Handle TAT responsibilities
• Validate SOC incidents by the Bank L2 team
• This role requires a proactive approach to security operations ensuring thorough analysis and validation of incidents mentoring junior analysts and maintaining high standards of documentation and reporting

Job Position: SOC Engineer

Location: PAN.

Experience: 5+ to 10+ Years

Must have: Forensics - Others

Roles Responsibilities

• Review daily operational activities and timely mentor junior analysts
• Conduct detailed analysis on escalated events and handover the call to the Incident Response team along with appropriate evidence
• Ensure 100 incidents validation and closure
• Manage shifts and facilitate knowledge transfer within shifts shift handover
• Study attack types and methods while monitoring the environment for threats
• Perform deep dive incident analysis by correlating data from various sources
• Document and archive artefacts for future reference
• Define the criticality of behaviour events based on experience and information security understanding
• Lead operations and act as a security consultant for incidents and s observed
• Guide junior analysts in investigations analysis and categorization
• Monitor various technology dashboards and identify any suspicious activities or anomalies
• Ensure quality check for all s and incidents raised by L1 analysts
• Investigate and close testing incidents defining the steps and processes
• Prepare daily summary reports
• Raise control related concerns such as SOAR and SIEM
• Define operations related activities
• Review IRC SOP and manage all other process documents
• Submit audit data
• Escalate to seniors before the TAT breach
• Handle TAT responsibilities
• Validate SOC incidents by the Bank L2 team
• This role requires a proactive approach to security operations ensuring thorough analysis and validation of incidents mentoring junior analysts and maintaining high standards of documentation and reporting

SOC L2 Engineer

Location - Bangalore/Chandigarh

Experience - 4+ years

Hands-on expertise with either IBM QRadar and/or Microsoft Sentinel SIEM platforms

As this is an immediate need, candidates who can join within 30 days may apply.

About the Role: We are seeking a highly skilled and motivated L2 SOC Engineer with 4-6 years of experience in implementing security solutions, maintenance and troubleshooting. The ideal candidate will have deep hands-on expertise with either IBM QRadar and/or Microsoft Sentinel SIEM platforms. You will play a crucial role in integration, monitoring, and analyzing to security tools/incidents, and contributing to the continuous improvement of our security posture.

Key Responsibilities:

• SIEM Administration & Optimization:
• Support the administration, maintenance, and health monitoring of the SIEM platform (QRadar or Microsoft Sentinel).
• Log source integration and parsing.
• Assist with log source onboarding, parser development, and data normalization within the SIEM.
• Contribute to the continuous improvement of SOC processes, playbooks, and standard operating procedures (SOPs).
• Security Monitoring & Incident Response:
• Conduct thorough investigations to determine the scope, root cause, and impact of security incidents (e.g., malware infections, phishing attempts, unauthorized access, denial-of-service attacks).
• Execute incident response procedures, including containment, eradication, and recovery, in accordance with established playbooks and industry best practices (e.g., NIST, MITRE ATT&CK).
• Document all incident details, analysis findings, and remediation steps accurately and comprehensively in the incident management system.
• Collaborate with cross-functional teams (IT operations, network, application development) to facilitate incident resolution and implement corrective actions.
• Participate in on-call rotation as required to ensure 24/7 security coverage.

Required Skills and Qualifications:

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• 4-6 years of hands-on experience in a Security Operations Center (SOC) environment.
• Strong expertise with either IBM QRadar and Microsoft Sentinel, including:
• In-depth knowledge of SIEM components and how it works.
• Good troubleshooting skills.
• In-depth knowledge of log source integration troubleshooting.
• Experience in developing and optimizing correlation rules, use cases, and dashboards.
• Familiarity with log source integration and data ingestion.
• (For QRadar): Experience with QRadar AQL (Ariel Query Language) and building blocks.
• (For Sentinel): Proficiency with KQL (Kusto Query Language) and Azure security services (Azure AD, Azure Security Center, Azure Log Analytics).
• Strong knowledge of network protocols (TCP/IP, HTTP, DNS, SMTP, etc.) and network security concepts (firewalls, IDS/IPS, VPNs).
• Proficiency in analyzing logs from various sources (Windows Event Logs, Linux logs, firewall logs, web server logs, cloud logs).
• Familiarity with scripting languages (e.g., Python, PowerShell) for automation and data analysis is a plus.
• Excellent analytical, problem-solving, and critical thinking skills.
• Strong written and verbal communication skills, with the ability to articulate technical issues to both technical and non-technical audiences.
• Ability to work effectively both independently and as part of a team in a fast-paced environment.

Preferred Certifications (one or more highly desirable):

• Microsoft Certified: Azure Security Engineer Associate (for Sentinel focus)
• IBM Certified Analyst - Security QRadar SIEM

Roles and Responsibilities:

1) Sound knowledge on Linux, preferably with Red Hat Certification (RHCE) with detailed log analysis expertise.

2) An overall understanding of the following, with expertise in either domain

a. Clustering

b. Application Servers (Java/Tomcat)

c. Database Storage d. Network (SSL, DNS, HTTP, TCP/IP, Load Balancing concepts)

3) Self-Starter who is comfortable working as part of a globally distributed team

4) Attention to detail and ability to develop and perform standard operating procedures is a must

• 5) Must be willing to work in various shifts in a 24/7 environment as needed, and flexible to assist in shift coverage