Enable job alerts via email!
SOC - Senior Engineer
Adani Group
Ahmedabad District
On-site
INR 12,00,000 - 16,00,000
Full time
3 days ago
Be an early applicant
Generate a tailored resume in minutes
Land an interview and earn more. Learn more
Job summary
A leading technology firm in Ahmedabad District is seeking an experienced Incident Responder to lead incident investigations and coordinate remediation actions. The ideal candidate should have a Bachelor’s degree in IT or Computer Science, 5-10 years of experience in handling security incidents, and familiarity with SIEM tools. Responsibilities include monitoring security events, conducting malware analysis, and developing security processes. This role requires working in a 24/7 environment, including night shifts, and offers a dynamic and challenging atmosphere.
Qualifications
- 5-10 years of experience in an Incident Responder/Handler role.
- Strong experience in SIEM processes and products.
- Ability to lead incident research and mentor junior analysts.
Responsibilities
- Monitor, identify, triage, and investigate security events.
- Detect and respond to security incidents.
- Create Standard Operating Procedures and training documentation.
Skills
Incident Detection and Response
Digital Forensics and Malware Analysis
Security Tools and Technologies
Scripting and Automation for Security Operations
Education
Bachelor’s degree in Information Technology or Computer Science
Advanced certification (GCIH, GCIA, GCFE, etc.)
Tools
SIEM Products (e.g., ArcSight, Microsoft Sentinel)
Splunk
Job description
Purpose/Objective
- The person is responsible for leading incident investigation and taking remediation action for other teams.
- This role requires hands‑on technical expertise and ability to communicate effectively the person is responsible for the collection, analysis and validation of all Security information and event activities that impact the organization either from within the network or outside its network.
Key Responsibilities of Role
- Responsible for handling day‑to‑day operations to monitor, identify, triage and investigate security events from various Endpoint (EDR), Network and Cloud security tools and detect anomalies, and report remediation actions.
- Responsible for detecting and responding to security incidents, coordinating cross‑functional teams to mitigate and eradicate threats.
- Effectively investigative and identify root cause findings then communicate findings to stakeholders including technical staff, and leadership.
- Work with key stakeholders to implement remediation plans in response to incidents.
- Author Standard Operating Procedures (SOPs) and training documentation when needed.
- Generates end‑of‑shift reports for documentation and knowledge transfer to subsequent analysts on duty.
- Responsible for working in a 24/7 environment including night shifts and the shifts are decided based on the business requirement.
- Conduct malware analysis, host and network, forensics, log analysis, and triage in support of incident response.
- Security Utilize state of the art technologies such as host forensics tools (FTK/Encase), Endpoint Detection & Response tools, log analysis (Sentinel) and network forensics (full packet capture solution) to perform hunt and investigative activity to examine endpoint and network‑based data.
- Recognize attacker and APT activity, tactics, and procedures as indicators of compromise (IOCs) that can be used to improve monitoring, analysis, and incident response.
- Develop and build security content, scripts, tools, or methods to enhance the incident investigation processes.
Technical Competencies
- Incident Detection and Response
- Digital Forensics and Malware Analysis
- Security Tools and Technologies
- Scripting and Automation for Security Operations
Qualifications and Experience
- Educational qualifications: Bachelor’s degree relevant to Information Technology, Computer Science/Engineering (or equivalent).
- Advanced certification desirable GCIH, GCIA, GCFE, GREM, GCFA, GSEC.
- Experience: Minimum 5-10 years in an Incident Responder/Handler role. Strong experience in SIEM (Security Incident and Event Monitoring) processes and Products (e.g., ArcSight, Microsoft Sentinel etc.).
- Full understanding of Tier 1 responsibilities/duties and how the duties feed into Tier 2.
- The ability to take lead on incident research when appropriate and be able to mentor junior analysts.
- Advanced knowledge of TCP/IP protocols.
- Knowledge of Windows, Linux operating systems.
- Knowledge of Intrusion Detection Systems (IDS) and SIEM technologies; Splunk or Sentinel experience.
- Knowledge on threat hunting.
- Deep packet and log analysis.
- Some Forensic and Malware Analysis.
- Cyber Threat and Intelligence gathering and analysis.
- Bachelor’s degree or equivalent experience.
Get your free, confidential resume review.
or drag and drop a PDF, DOC, DOCX, ODT, or PAGES file up to 5MB.
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
Michael Carter
I was stuck sending out resumes with no response until I used JobLeads. They made my resume impossible for recruiters to ignore.
Sophie Reynolds
JobLeads' resume review helped me fix critical mistakes, and I started getting interviews almost immediately!
Daniel Fischer
With JobLeads' resume review, my resume went from overlooked to interview-ready in no time!