SOC Level 3 Implementation Engineer/Analyst

About Position:

As a SOC L3 Analyst, you will be responsible for leading the investigation and response to complex security incidents, engineering advanced detection content, and optimizing security tools and processes. With a strong focus on Splunk, content engineering, Endpoint Detection and Response (EDR), and Security Orchestration, Automation, and Response (SOAR), you will enhance the SOC's capabilities to detect and mitigate advanced cyber threats. Collaborate with other SOC analysts, threat intelligence teams, and IT departments to improve overall security posture. Provide mentorship and guidance to L1 and L2 analysts, sharing knowledge and best practices.

• Role: SOC Level 3 Implementation Engineer/Analyst
• Location: Pune/ Hyderabad
• Experience: 8 Years – 11 Years
• Job Type: Full Time Employment
• Note: Working Conditions: This role requires working in shifts to provide 24/7 security monitoring.

What You'll Do:

• Advanced Incident Response:
• Security Solution Design and Architecture
• Collaborate with stakeholders to understand business requirements and define the architecture and design of security solutions within the SOC.
• Actively participate in Technical Table Top Drills (internal and external).
• Actively participate in Incident Response bridge calls.
• Develop comprehensive security architecture blueprints, SOC Maturity, defense-in-depth strategies.
• Experience with security technologies and tools, such as QRadar, Splunk, SumoLogic, Palo Alto SIEM & SOAR, CrowdStrike & SentinelOne EDR, and endpoint protection platforms.
• Technology Evaluation and Selection
• Evaluate and recommend security technologies, products, and vendors based on organizational needs, industry best practices, and emerging threats.
• Conduct proof-of-concept (POC) evaluations to assess the performance, functionality, and suitability of security solutions for deployment within the SOC environment.
• Security Solution Implementation
• Lead the implementation and deployment of security technologies SIEM and SOAR and solutions within the SOC, ensuring adherence to design specifications and security standards.
• Configure and customize security products and tools to align with organizational requirements and operational workflows.
• Coordinate with cross-functional teams, including network engineering, system administration, and application development, to facilitate smooth deployment and integration.
• Process Development and Optimization
• Define and document security processes, procedures, and workflows within the SOC, including incident detection, response, and remediation.
• Implement automation and orchestration capabilities to streamline SOC operations and improve response times to security incidents.
• Continuously assess and optimize security processes to enhance efficiency, effectiveness, and scalability.
• Security Tool Management and Administration
• Administer and maintain security monitoring and detection tools deployed within the SOC environment, such as SIEM (Security Information and Event Management), SOAR and EDR (Endpoint Detection and Response) platforms.
• Perform routine maintenance tasks, including software updates, patch management, and configuration changes, to ensure the reliability and performance of security tools.
• Troubleshoot and resolve technical issues related to security tools and infrastructure, collaborating with vendors and support teams as needed.
• Log Source integration and its troubleshooting.
• Documentation and Knowledge Transfer
• Prepare RCA for P1 and P2 Security Incidents.
• Maintain comprehensive documentation of implemented security solutions, configurations, and processes, including design documents, deployment guides, and standard operating procedures (SOPs).
• Provide training and knowledge transfer to SOC analysts and other stakeholders on new security technologies, tools, and procedures.
• Conduct technical training sessions, workshops, and brown bag sessions to enhance the skills and capabilities of the SOC team.

Expertise You'll Bring:

• Bachelor's degree in computer science, Information Security, or a related field (or equivalent experience).
• 8+ years of experience in a cybersecurity role, with a focus on security solution design and implementation.
• Strong understanding of cybersecurity principles, concepts, and technologies, including network security, endpoint security, and threat detection.
• Experience with security technologies and tools, such as QRadar, Splunk, SumoLogic, Palo Alto SIEM & SOAR, CrowdStrike & SentinelOne EDR, firewalls, and endpoint protection platforms.
• Proficiency in scripting and automation languages (e.g., Python, PowerShell) for integration and workflow automation.
• Excellent analytical, problem-solving, and communication skills.
• Relevant certifications (e.g., CEH, CISSP, CCSP, CISM, GIAC) are preferred.

Benefits:

• Competitive salary and benefits package
• Culture focused on talent development with quarterly promotion cycles and company-sponsored higher education and certifications
• Opportunity to work with cutting-edge technologies
• Employee engagement initiatives such as project parties, flexible work hours, and Long Service awards
• Annual health check-ups
• Insurance coverage: group term life, personal accident, and Mediclaim hospitalization for self, spouse, two children, and parents

Inclusive Environment:

Persistent Ltd. is dedicated to fostering diversity and inclusion in the workplace. We invite applications from all qualified individuals, including those with disabilities, and regardless of gender or gender preference. We welcome diverse candidates from all backgrounds.

• We offer hybrid work options and flexible working hours to accommodate various needs and preferences.
• Our office is equipped with accessible facilities, including adjustable workstations, ergonomic chairs, and assistive technologies to support employees with physical disabilities.
• If you are a person with disabilities and have specific requirements, please inform us during the application process or at any time during your employment. We are committed to creating an inclusive environment where all employees can thrive.

Our company fosters a value-driven and people-centric work environment that enables our employees to:

• Accelerate growth, both professionally and personally
• Impact the world in powerful, positive ways, using the latest technologies
• Enjoy collaborative innovation, with diversity and work-life wellbeing at the core
• Unlock global opportunities to work and learn with the industry's best

Let's unleash your full potential at Persistent

"Persistent is an Equal Opportunity Employer and prohibits discrimination and harassment of any kind."