Senior SOC Analyst

Job Title: SOC Analyst- L2

Location: Bangalore (on site)

Experience Level: 4 to 8 years

The candidate must be willing to work in rotational shifts 24/7.

About ColorTokens

At ColorTokens, we empower businesses to stay operational and resilient in an increasingly complex cybersecurity landscape. Breaches happen—but with our cutting-edge ColorTokens Xshield platform, companies can minimize the impact of breaches by preventing the lateral spread of ransomware and advanced malware. We enable organizations to continue operating while breaches are contained, ensuring critical assets remain protected.

Our innovative platform provides unparalleled visibility into traffic patterns between workloads, OT/IoT/IoMT devices, and users, allowing businesses to enforce granular micro-perimeters, swiftly isolate key assets, and respond to breaches with agility. Recognized as a Leader in the Forrester Wave: Microsegmentation Solutions (Q3 2024), ColorTokens safeguards global enterprises and delivers significant savings by preventing costly disruptions.

Join us in transforming cybersecurity. Learn more at www.colortokens.com.

Our culture

We foster an environment that values customer focus, innovation, collaboration, mutual respect, and informed decision-making. We believe in alignment and empowerment so you can own and drive initiatives autonomously.

Self-starters and highly motivated individuals will enjoy the rewarding experience of solving complex challenges that protect some of the world's impactful organizations - be it a children's hospital, or a city, or the defense department of an entire country.

Company Overview:

ColorTokens is a fast-growing cybersecurity product company that is redefining the way enterprises protect their digital assets. Our market-leading Xshield platform enables Zero Trust microsegmentation and real-time visibility into application traffic, ensuring robust protection against modern cyber threats. We are looking for passionate and driven individuals to join our mission in building cutting-edge security products.

Job Description:

Skills and Experience:

• 4+ years of security operations experience
• Correlate and analyse events using the Splunk/Log Rhythm/Qradar and stellar cyber SIEM tool to detect IT security incidents. Knowledge of network and endpoint security, threat intelligence, and vulnerabilities.
• Conduct analysis of log files, including forensic analysis of system resource access.
• Review customer reports to ensure quality and accuracy.
• Monitor multiple security technologies, such as SIEM, IDS/IPS, Firewalls, Switches, VPNs, networking and other security threat data sources.
• Knowledge of sandbox and malware analysis.
• Knowledge of Cyber Kill Chain and MITRE ATT&CK frameworks functionality.
• Possible attack activities, such as scans, man in the middle, sniffing, DoS, DDoS, etc. and possible abnormal activities, such as worms, Trojans, viruses, etc.
• CCNA, CEH, CISSP, GCA, GCIA, GCIH, SANS certification would be preferable.
• High level of integrity, professionalism, and attention to detail
• Ability to communicate complex security issues to peers and management alike.
• A motivated, self-managed, individual who can demonstrate above average analytical skills and work professionally with peers and customers even under pressure.

Roles & Responsibilities:

• Senior level SOC analyst, mentoring junior analysts.
• Develop and maintain SOC processes, playbooks, and standard operating procedures to ensure consistent and effective response to security events.
• Incident Analysis: Conduct detailed analysis of escalated security incidents. Coordination of end to-end Security Incident management on escalated incidents, ensuring timely updates to stakeholders and efficient resolution of incidents, to achieve the RCA.
• Threat Monitoring and Analysis: Monitor security alerts and events using SIEM and other security tools. Lead and coordinate proactive threat hunting to identify potential risks and vulnerabilities. Analyzing and integrate threat intelligence feeds to the platforms and stay updated on emerging threats.
• Collaboration: Creatively solve problems collaborating with SecOps, Platform, Delivery, IT and

Engineering team members.

• Monitoring and analysis of security events to detect and respond to threats. Ensure timely and effective responses to security events, including root cause analysis, containment, eradication, and recovery. Coordinate with other departments, ensuring clear communication and alignment.
• Forensic Analysis: Perform forensic analysis and malware analysis of Computers. Collect and analyze forensic artifacts, including memory and disk images to identify malicious activity.

Gather evidence for legal and investigative purposes.

• Continuously improve SOC operations by evaluating and implementing new tools, technologies, and methodologies. Automate workflows using PowerShell, regular expressions, and API.
• Integrate threat intelligence into SOC operations, ensuring that the team is aware of and prepared for emerging threats. Oversee the creation and refinement of detection rules, ensuring they are aligned with MITRE ATT&CK Framework. Lead efforts to identify gaps in monitoring and develop strategies to enhance detection capabilities.
• Work closely with the IT and cybersecurity teams to ensure alignment on security strategies and initiative.

Qualifications:

• Education: Bachelor's degree in information technology, Computer Science, Business, or Engineering required, or equivalent experience.
• Certifications: Advanced certifications such as CISSP, OSCP, GCIH, GSOC or GCIA.
• Incident Response Experience: 4+ years of experience in Cyber Incident response and investigations.
• Strong interpersonal skills with the ability to collaborate well with others. And, strong written, verbal and communication skills must need

Why Join Us?

• Work on a cutting-edge cybersecurity product in a fast-paced startup environment.
• Collaborate with a world-class team of engineers and security experts.
• Opportunity to learn, grow, and make a real impact from day one.