Security Operations Center
Cynet Systems - Phoenix, AZ
Job Description: The Security Operations Center professional will be responsible for monitoring, analyzing, and responding to security incidents within a 24x7 SOC environment. This role focuses on incident response, malware analysis, cloud security monitoring, and continuous improvement of detection and response capabilities across on-prem and cloud environments.

Responsibilities:
- Monitor and analyze security alerts generated by SIEM, EDR, and other security tools within a SOC environment.
- Lead and execute incident response activities including triage, containment, eradication, and recovery.
- Perform static and dynamic malware analysis to identify root cause and attacker behavior.
- Investigate network traffic, logs, and data flows to detect suspicious or malicious activity.
- Respond to cloud security incidents across AWS and GCP environments.
- Coordinate with Tier 1 and Tier 2 SOC analysts and escalate incidents as required.
- Conduct post-incident analysis and prepare detailed incident reports and root cause analysis documentation.
- Tune SIEM use cases, alerts, and detection rules to reduce false positives.
- Support endpoint protection and EDR tools for threat detection and response.
- Assist with threat hunting and proactive security monitoring activities.
- Follow and enforce information security policies, standards, and incident response playbooks.

Requirements / Must Have:
- Hands-on experience working in a SOC or Incident Response role.
- Strong knowledge of SIEM platforms such as Client, QRadar, Sentinel, ArcSight, or equivalent.
- Experience with incident response frameworks and SOC workflows.
- Proficiency in static and dynamic malware analysis.
- Solid understanding of networking fundamentals including TCP/IP, DNS, firewalls, and proxies.
- Experience analyzing logs, packet captures, and data flows.
- Hands-on experience with endpoint protection and EDR solutions.
- Working knowledge of AWS and GCP security services.
- Strong troubleshooting and analytical skills.

Experience: Prior experience supporting 24x7 SOC operations and handling high-severity security incidents.

Should Have:
- Experience with SOAR tools and security automation.
- Exposure to threat intelligence platforms, the MITRE ATT&CK framework, and threat hunting.
- Familiarity with compliance frameworks such as NIST, ISO 27001, and SOC 2.

Skills:
- Incident response and cyber threat analysis.
- Malware analysis and forensic investigation.
- Cloud security monitoring and response.
- Log analysis and network traffic investigation.
- Clear documentation and reporting skills.
- Ability to remain calm and effective during critical incidents.

Certification and Education:
- Incident response certifications such as GCIH, GCIA, or GCED preferred.
- Security certifications such as Security+, CEH, CISSP, or equivalent preferred.
- AWS Security certification preferred.
- GCP Professional Cloud Security Engineer certification preferred.
Created: 2026-03-04