SOC L3

4 - 9 Years
- 1 Opening
- Trivandrum

**Role description**:
**Job Title**: L3 SOC Engineer

**Work Location: Trivandrum**

**Job Summary**:
We are seeking a highly skilled and detail-oriented **L3 SOC Engineer** to join our Security Operations Center (SOC) team. You will play a critical role in detecting, investigating, and responding to advanced security threats using a variety of tools and platforms. This role requires deep expertise in cybersecurity, incident response, and SOC operations, along with the ability to mentor team members and drive process improvements.

**Key Responsibilities**
- Monitor security events using **SIEM** and other tools to identify potential threats across the organization.
- Analyze, triage, and prioritize s to separate false positives from real security incidents.
- Act as an escalation point for critical security incidents and coordinate response activities.
- Perform in-depth incident investigations, including containment, eradication, and recovery.
- Block malicious IPs/domains, disable compromised accounts, and execute other containment actions.
- Conduct **proactive threat hunting** and log analysis to detect advanced threats.
- Perform daily health checks of SOC tools and monitoring infrastructure to ensure operational readiness.
- Maintain detailed and accurate incident documentation, logs, and reports.
- Follow established **SOPs, playbooks, and incident response frameworks** for consistent handling.
- Collaborate with IT, infrastructure, and security teams during investigations and remediation.
- Stay updated on evolving threats, TTPs (Tactics, Techniques, and Procedures), and security best practices.

**Required Skills & Experience**
- **Experience**: 4-7 years in SOC or Cybersecurity, with at least 2 years at an L3 level.
- **Core Skills**: SOC L3 operations, SIEM administration, incident response, and threat hunting.
- **Tools & Platforms**:

- SIEM: FortiSIEM, QRadar, Sentinel, Splunk, Google SecOps.
- SOAR: FortiSOAR, Google SOAR.
- Strong knowledge of attack patterns, IOCs, and APTs.
- Hands-on experience with system logs, network traffic analysis, and security tools.
- Proficiency in creating **custom parsers**, implementing SIEM/SOAR integrations, and writing runbooks/playbooks.
- Strong analytical, problem-solving, and communication skills.

**Good-to-Have Skills**
- Experience with **DLP, PAM, EDR** solutions.
- Familiarity with security frameworks (NIST, ISO 27001, MITRE ATT&CK, etc.).
- Ability to mentor and train junior SOC members.

**Additional Responsibilities**
- Lead war-room discussions and provide executive-level briefings during critical incidents.
- Identify process gaps and recommend improvements for detection and response capabilities.
- Ensure end-to-end management of high-severity incidents and document lessons learned.

**Skills**:
**Proactive threat hunting,**
- Proficiency in creating **custom parsers**, implementing SIEM/SOAR integrations, and writing runbooks/playbooks.

**About UST**:
UST is a global digital transformation solutions provider. For more than 20 years, UST has worked side by side with the world’s best companies to make a real impact through transformation. Powered by technology, inspired by people and led by purpose, UST partners with their clients from design to operation. With deep domain expertise and a future-proof philosophy, UST embeds innovation and agility into their clients’ organizations. With over 30,000 employees in 30 countries, UST builds for boundless impact—touching billions of lives in the process.