Job Description

This position is with a leading industry organization, offered under direct payroll.
Entry-level SOC role(1–2 Years experience) focused on 24x7 monitoring, alert triage, and escalation. Works within SOC operations using SIEM, EDR, and basic threat detection workflows.

📄 Job Description

• Monitor security alerts using SIEM (Splunk, QRadar, Sentinel)
• Perform initial triage and alert validation
• Escalate incidents to L2 based on severity
• Analyze logs from firewalls, endpoints, IDS/IPS
• Follow SOC runbooks and playbooks
• Track incidents using ticketing tools (ServiceNow)
• Support vulnerability scanning activities
• Maintain documentation and incident logs

🎯 Roles & Responsibilities

• Review alerts and classify severity
• Validate false positives vs real threats
• Update tickets and escalate incidents
• Perform basic log analysis
• Coordinate with L2 for investigations
• Maintain shift reports and dashboards

Skills & Technologies:

Security Operations: SOC Monitoring, Incident Triage, Alert Handling
Tools: Splunk, QRadar, Microsoft Sentinel, ServiceNow
Endpoint/Network: EDR (Defender, CrowdStrike), Firewalls, IDS/IPS
Cloud: AWS basics, Azure fundamentals
Networking: TCP/IP, DNS, HTTP, VPN
Scripting: Basic Python, Bash
Frameworks: NIST, ISO 27001, MITRE ATT&CK

✅ Eligibility Criteria

• 1–2 yrs hands-on SOC exposure or internship
• Basic understanding of networking & security fundamentals
• Exposure to SIEM and log analysis
• Bachelor’s in CS/IT/Cybersecurity
• Certifications: Security+ / CEH (Preferred)