SOC Analyst L2

Tata Consultancy Services

Al Khobar

On-site

SAR 80,000 - 120,000

Full time

14 days ago

Job summary

A leading IT services organization is seeking a SOC Analyst L2 in Al Khobar, Saudi Arabia. The ideal candidate will have robust expertise in Splunk and security incident management. Responsibilities include investigating security events, creating SIEM use-cases, and reducing false positives. Join a dynamic team focused on enhancing security measures and combating threats in an evolving technological landscape.

Qualifications

  • Expertise in Splunk for use-case/rule writing.
  • Strong skills in incident investigation and mitigation.
  • Familiarity with DLP and anti-malware systems.

Responsibilities

  • Investigate security events escalated by analysts.
  • Create SIEM use-cases and correlation rules.
  • Perform Major Incident Management and Incident Response.

Skills

Team skills
Splunk expertise
Analytical skills
Problem-solving skills
Operating systems understanding
Networking understanding
Security threats knowledge
Security tools understanding

Tools

Splunk
SIEM tools
SOAR tools

Job description

Job Title – SOC Analyst L2

Company – TCS (MEA)

Location – Al Khobar, Saudi Arabia

Job type – Full time

About Us:

Tata Consultancy Services (TCS) is an IT services, consulting and business solutions organization that has been partnering with many of the world’s largest businesses in their transformation journeys for over 50 years. TCS offers a consulting-led, cognitive powered, integrated portfolio of business, technology and engineering services and solutions. This is delivered through its unique Location Independent Agile delivery model, recognized as a benchmark of excellence in software development.

A part of the Tata group, India's largest multinational business group, TCS has over 616,171 of the world’s best-trained consultants with 157 nationalities in 53 countries. For more information, visit www.tcs.com and follow TCS news at @TCS_News.

Job Description:

Must Have:

  • Good team skills working with teams across geographies
  • Expertise working with Splunk and able to identify tuning recommendations for improved detection and accuracy
  • Expert Splunk use-case/rules writing skills
  • Expert security incident investigation and mitigation skills
  • Expert analytical and problem-solving skills
  • Good understanding of operating systems and networking
  • Expert understanding of security threats and vulnerabilities
  • Expert understanding of security tools and technologies such as firewalls, VPN, IPS, etc.

Good-to-Have:

  • DLP, anti-virus and anti-malware
  • Use of system tools such as Wireshark, Ethereal, packet analysers, etc.
  • Cloud computing
  • SaaS models

Responsibility of / Expectations from the Role:

  • Investigate security events and incidents escalated by SOC Lvl1 and Lvl2 analysts, mitigate the threat and prevent future occurrences
  • Proficient in creating SIEM use-cases, correlation rules and baselines to monitor malicious activity, IOCs and anomalies
  • Work with Splunk Admin to onboard necessary logs
  • Integrate threat intelligence and other enrichment feeds into the SIEM tool
  • Ability to perform Major Incident Management and Incident Response
  • Identify and assist in reducing false positive events by tuning Splunk use cases
  • Provide tuning and security standards recommendations to AMD Engineers
  • Stay abreast of current threats and vulnerabilities, identify and report threats relevant to the environment
  • Deep understanding of the ATT&CK matrix, with experience building use cases and SOPs around specified techniques.
  • Proficient in creating and enhancing processes and SOPs
  • Knowledge of integrating SOAR tools, creating playbooks and workflows
  • Drive the identification, creation and refinement of the team’s processes and procedures

Application Deadline: 15-Jul-2025

Privacy Note:

https://www.tcs.com/connect-with-tcs/privacy-policy
