Location: Chennai
Qualification: Full-time B.E / B.Tech / MCA / MSc (IT/Computer Science) / BCA / B.Sc (IT/Computer Science)
Experience: Minimum 7 years in IT, with at least 5 years in support & implementation of security products (Antivirus, Endpoint Protection, Mail Security, Network APT/EDR/Threat Hunting/Forensics).
Certifications: Certificate from a reputed Endpoint Protection Platform / EDR / ACC / Threat Hunting / Forensics product.
Availability: Immediate Joiner Preferred
Roles & Responsibilities
Advanced Incident Analysis
Investigate escalated incidents/alerts from L1 analysts. Perform deep-dive analysis using SIEM, correlating multiple data sources to confirm or rule out incidents.
Threat Hunting
Conduct proactive hunts using IOCs, behavioural patterns, and anomaly detection. Utilize SIEM tools/custom scripts. Document findings and update detection rules.
Malware Analysis
Perform basic malware analysis (hash verification, sandbox execution). Collect forensic evidence from endpoints/servers. Support L3 in reverse engineering when required.
Incident Response
Contain and remediate confirmed incidents (e.g., block IPs/domains). Coordinate with IT teams for patching/recovery. Prepare incident reports with timelines, impact, and remediation steps.
SIEM & Detection Rule Management
Fine-tune correlation rules to reduce false positives. Create new detection use cases for emerging threats. Validate rule effectiveness through testing.
Vulnerability Management
Review vulnerability scans, prioritize remediation based on risk/business impact, and coordinate with system owners for patching.
Threat Intelligence Integration
Analyse threat feeds, integrate IOCs into SIEM/security tools, and share intelligence with internal teams for proactive defence.
Compliance & Audit Support
Ensure incident handling aligns with RBI, ISO27001, and other regulatory requirements. Provide evidence for audits.
Documentation & Reporting
Maintain detailed incident records and RCA reports. Prepare weekly/monthly SOC performance and threat trend reports.
Mentoring & Knowledge Sharing
Guide L1 analysts on escalation criteria and investigation techniques. Conduct training sessions on tools and threat scenarios.
Key Skills
- Strong knowledge of Linux & Windows OS, Databases, and Network Management Software.
- Expertise in Endpoint Protection, EDR, Threat Hunting, and Forensics solutions.
- Excellent troubleshooting, documentation, and communication skills.
Join us to strengthen enterprise security operations and drive proactive defence strategies.