SOC Analyst | Offshore | Unitedlex
REQUIREMENTS & COMPETENCIES:
- Bachelor's degree.
- 3-8 years of experience working in security operations and incident response.
- Hands-on experience with Hunter SIEM platform.
- Hands-on experience with SentinelOne and Microsoft Defender (EDR/XDR).
- Experience in creating detection rules, correlation logic, log onboarding, and SIEM content management.
- Strong understanding of networking concepts and protocols including TCP/IP, DNS, HTTP/S, SMTP, VPN, and firewall technologies.
- Prior experience detecting, analyzing, and responding to security incidents.
- Demonstrated ability to analyze and correlate information from a wide variety of enterprise technologies.
- Knowledge of the MITRE ATT&CK framework and experience mapping security detections and incidents to ATT&CK tactics and techniques is a plus.
- Familiarity with cloud security monitoring and threat intelligence concepts.
- Strong experience working with vulnerability scanning tools such as Rapid7.
- Ability to work in a 24x7 rotational SOC environment and handle high-severity incidents.
- Good communication and documentation skills.
RESPONSIBILITIES:
- Provide 24x7 monitoring, detection, triage, investigation, and incident response activities as part of the Security Operations Center.
- Monitor and analyze security events and alerts across multiple technologies to identify suspicious and malicious activities.
- Monitor and manage security technologies including Hunter SIEM, SentinelOne, Microsoft Defender, IDS/IPS, vulnerability scanners (Rapid7), and related security monitoring tools.
- Conduct proactive threat hunting activities to identify potential threats and indicators of compromise.
- Investigate security alerts and incidents, determine root cause, and support containment, remediation, and recovery activities.
- Identify successful and unsuccessful intrusion attempts through event correlation and analysis across various security platforms.
- Ensure timely escalation and proper hand-off of security incidents for remediation and closure.
- Develop, maintain, and optimize SIEM use cases, detection rules, filters, and alert configurations to improve visibility and reduce false positives.
- Onboard and manage log sources and ensure proper log collection and monitoring within the SIEM platform.
- Monitor SIEM platform health, log ingestion status, and availability of security monitoring tools.
- Manage and track security incidents and tickets in accordance with defined SLAs.
- Support incident response activities and maintain complete documentation throughout the incident lifecycle.
- Collaborate with internal teams, application owners, and external vendors to support security initiatives and projects.
- Participate in shift handover activities to ensure continuity in 24x7 SOC operations.
- Continuously identify and implement opportunities for security process improvement and enhancement of the organization's security posture.