Soc Analyst L3

Job Description

Job Title: SOC Analyst L3 Department: Technology Location: Mumbai, IN Reporting To: AVP Cybersecurity Looking for immediate joiners Job Description Summary The SOC Analyst L3 will be part of the existing Ares Global SOC team, responsible for day-to-day security operations. The role involves responding to and investigating security events, recommending or implementing corrective actions, and collaborating with IT and non-IT team members. Additionally, the analyst will handle security incidents and investigation requests following established Security Incident Response processes within defined service level targets. This is a shift-based role operating in a 24x7x365 environment. Primary Functions and Responsibilities SOC Responsibilities Respond to security incidents identified by internal controls or external SOC partners. Adhere strictly to service level agreements (SLAs), metrics, and business scorecard obligations for ticket handling of security incidents and events. Proficient in Incident Response and automation workflows related to Security Operations. Detect, identify, and respond to cyber events and incidents per cybersecurity policies and procedures. Independently lead and manage security event investigations, collaborating with other departments as needed. Coordinate and escalate incidents as per protocols, assist with event classification, direct remediation efforts, and provide necessary documentation. Serve as an Incident Responder, aligning with the team for documenting incident life cycles, conducting handoffs, escalating issues, and supporting cyber incident investigations. Engage in Threat Research, staying informed about the latest malware trends, attack tactics, techniques, and procedures (TTPs), and the general threat landscape. Perform reactive threat hunting to detect incidents and tune rules and thresholds to enhance alert fidelity. Train, mentor, and motivate junior team members. Documentation and Reporting Evaluate and update SOC procedures and runbooks as required. Provide daily handovers and shift details. Ensure timely delivery of Daily, Weekly, and Monthly reports as required by management. Qualifications Education Bachelors degree in Computer Science, Information Technology, Business, or a related discipline. Professional Certifications such as CEH, CCSE, CCNA, Security+, etc. SIEM certification or related Security technology certification is a plus. Experience At least 5 years of experience in Enterprise Cybersecurity or a reputed Services/Consulting firm providing Security Consulting, Implementation, and Managed Security services. More than 3 years of technical experience in Security Operations Center (SOC) and Information Security. Hands-on experience with one or more Security Information and Event Management (SIEM) solutions. General Requirements Willingness to work in 24x7x365 shifts. Ability to work from the Ares Office located in Mumbai. Strong understanding of common attack methods and their SIEM signatures. Experience in security monitoring, Incident Response (IR), and security remediation. Proficient in Security Event Analysis. Knowledge of network protocols (TCP/IP stack, SSL/TLS, IPSEC, SMTP/IMAP, FTP, HTTP, etc.). Understanding of Operating Systems, Web Servers, databases, and Security devices (firewall/NIDS/NIPS) logs and log formats. Strong analytical and problem-solving skills. High level of personal integrity and professionalism in handling confidential matters. Ability to interact effectively across all levels with cultural sensitivity. Adaptability to evolving external environments and organizational changes. Passion for cybersecurity and willingness to learn current technologies and concepts. Knowledge of cybersecurity frameworks and attack methodologies. Experience working with EDRs, Proxies, and anti-virus tools. Understanding of intrusion detection methodologies and techniques for detecting host and network-based intrusions. Excellent verbal and written English communication skills.