Tier 2 SOC Analyst

21 hours ago


Pune, Maharashtra, India APN Consulting, Inc. Full time

Role: Tier 2 Cyber Security Operations Analyst

Location: India Pune Remote (future hybrid)

Duration: 3-month contract to hire

Work hours: listed below under Work Environment

Job Overview:

The Tier 2 Cyber Security Operations Analyst is responsible for performing advanced analysis of security incidents, conducting in-depth investigations, and implementing mitigation strategies to protect organizational IT infrastructure. This role serves as an escalation point for Tier 1 analysts, requiring strong technical expertise, analytical skills, and the ability to handle complex cyber threats in a fast-paced SOC environment.

Key Responsibilities:

1. Incident Analysis and Response:

- Investigate escalated security incidents from Tier 1, including malware infections, advanced persistent threats (APTs), phishing campaigns, and unauthorized access attempts.

- Perform root cause analysis to identify the source, scope, and impact of incidents.

- Implement containment, eradication, and recovery measures, such as isolating compromised systems or applying security patches.

2. Threat Hunting and Proactive Monitoring:

- Conduct proactive threat hunting using SIEM tools and endpoint detection and response (EDR/XDR) platforms.

- Analyze Indicators of Compromise (IoCs) and Tactics, Techniques, and Procedures (TTPs) to identify potential threats.

- Correlate logs and alerts to detect patterns of malicious activity.

3. Security Tool Optimization:

- Configure and fine-tune security tools, including SIEM and SOAR platforms.

- Develop and update SIEM rules, dashboards, and alerts to improve detection accuracy.

4. Documentation and Reporting:

- Document incident details, including timelines, findings, and remediation steps, in ticketing systems.

- Prepare detailed incident reports and post-incident reviews for management and compliance purposes.

- Contribute to the development of standard operating procedures (SOPs) and playbooks for incident response.

5. Collaboration and Escalation:

- Work closely with Tier 1 analysts to mentor and guide them on alert triage and basic incident handling.

- Collaborate with Senior Analysts, threat intelligence teams, and IT departments for advanced investigations and remediation.

- Liaise with external stakeholders, such as CERT-In or third-party vendors, during major incidents.

6. Threat Intelligence Integration:

- Incorporate threat intelligence feeds into security monitoring processes.

- Stay updated on emerging cyber threats, vulnerabilities, and attack trends relevant to the organization's industry.

Skills and Qualifications:

  • Education: Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. Relevant certifications or equivalent experience may substitute.
  • Experience: 4-7 years of experience in cybersecurity, preferably in a SOC environment or as a Tier 1 analyst. Hands-on experience with incident response is essential.

Technical Skills:

  • Advanced knowledge of networking protocols (TCP/IP, DNS, VPN) and operating systems (Windows, Linux, macOS).
  • Proficiency with SIEM platforms, EDR/XDR tools, and network security appliances.
  • Experience with log analysis, packet capture tools (e.g., Wireshark), and scripting (e.g., Python, PowerShell, Bash) for automation.
  • Familiarity with cloud security (e.g., AWS, Azure, Google Cloud) and related tools is a plus.
  • Understanding of attack frameworks like MITRE ATT&CK and common vulnerabilities (e.g., CVE database).
  • Certifications (preferred):
      - CompTIA Security+, CISSP
      - Certified Ethical Hacker (CEH)
      - GIAC Certified Incident Handler (GCIH)
  • Strong problem-solving and critical-thinking skills.
  • Ability to work under pressure and handle multiple incidents simultaneously.
  • Excellent communication skills to explain technical findings to non-technical stakeholders.
  • Team mentoring and leadership capabilities.

Work Environment:

- Work Hours: Typically 35-40 hours per week, with rotating shifts (e.g., 7 AM-3 PM, 3 PM-11 PM, 11 PM-7 AM) to support 24x7x365 SOC operations. On-call availability may be required.

- Team Structure: Reports to a SOC Manager or Lead Analyst; collaborates with senior analysts, IT teams, and external vendors.
