SOC L3

**About Persistent**

We are an AI-led, platform-driven Digital Engineering and Enterprise Modernization partner, combining deep technical expertise and industry experience to help our clients anticipate what’s next. Our offerings and proven solutions create a unique competitive advantage for our clients by giving them the power to see beyond and rise above. We work with many industry-leading organizations across the world, including 12 of the 30 most innovative global companies, 60% of the largest banks in the US and India, and numerous innovators across the healthcare ecosystem.

Our disruptor’s mindset, commitment to client success, and agility to thrive in the dynamic environment have enabled us to sustain our growth momentum by reporting $360.2M revenue in Q3 FY25, delivering 4.3% Q-o-Q and 19.9% Y-o-Y growth. Our 23,900+ global team members, located in 19 countries, have been instrumental in helping the market leaders transform their industries. We are also pleased to share that Persistent won in four categories at the prestigious 2024 ISG Star of Excellence Awards, including the Overall Award based on the voice of the customer. We were included in the Dow Jones Sustainability World Index, setting high standards in sustainability and corporate responsibility. We were awarded for our state-of-the-art learning and development initiatives at the 16th TISS LeapVault CLO Awards. In addition, we were cited as the fastest-growing IT services brand in the 2024 Brand Finance India 100 Report. Throughout our market-leading growth, we’ve maintained a strong employee satisfaction score of 8.2/10.

**About Position**:
As a SOC L3 Analyst, you will be responsible for leading the investigation and response to complex security incidents, engineering advanced detection content, and optimizing security tools and processes. With a strong focus on Splunk, content engineering, Endpoint Detection and Response (EDR), and Security Orchestration, Automation, and Response (SOAR), you will enhance the SOC's capabilities to detect and mitigate advanced cyber threats. Collaborate with other SOC analysts, threat intelligence teams, and IT departments to improve overall security posture. Provide mentorship and guidance to L1 and L2 analysts, sharing knowledge and best practices.** This role requires working in shifts to provide 24/7 security monitoring.**
- **Role: SOC L3**:

- **Location: Pune/ Hyderabad (Onsite)**:

- **Experience: 8 - 11 Years**:

- **Job Type: Full Time Employment**

**What You'll Do**:
**Advanced Incident Response**:

- Lead the investigation and response to high-severity security incidents, performing deep-dive analysis and root cause determination.
- Develop and execute remediation plans to contain and eradicate threats.

**Content Engineering**:

- Design and develop advanced detection rules, alerts, and dashboards in Splunk to enhance threat detection capabilities.
- Continuously improve detection content based on emerging threats and attack patterns.

**Endpoint Detection and Response (EDR)**:

- Utilize EDR tools (e.g., CrowdStrike, Carbon Black) to monitor, analyze, and respond to endpoint threats.
- Conduct advanced forensic analysis on compromised systems to identify indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) used by threat actors.

**Security Orchestration, Automation, and Response (SOAR)**:

- Develop and maintain automated workflows and playbooks on the SOAR platform to streamline incident response processes.
- Integrate SOAR with other security tools and systems to automate threat detection, investigation, and response tasks.

**Threat Hunting**:

- Conduct proactive threat hunting activities to identify hidden threats and security weaknesses within the environment.
- Develop and implement threat hunting methodologies and use cases.

**Collaboration and Mentoring**:

- Collaborate with other SOC analysts, threat intelligence teams, and IT departments to improve overall security posture.
- Provide mentorship and guidance to L1 and L2 analysts, sharing knowledge and best practices.

**Security Tool Optimization**:

- Optimize the configuration and performance of security tools, including Splunk, EDR, and SOAR platforms.
- Evaluate and recommend new security technologies and solutions to enhance SOC capabilities.

**Documentation and Reporting**:

- Document incident response activities, findings, and outcomes in detail.
- Prepare comprehensive reports and briefings for senior management and stakeholders on security incidents and SOC performance.

**Continuous Improvement**:

- Stay updated with the latest cybersecurity threats, trends, and technologies.
- Participate in training and professional development activities to enhance skills and knowledge.

**Expertise You'll Bring**:

- Bachelor’s degree in computer science, Information Security, or a related field, or equivalent experience.
- 8 to 11 years of experience in cybersecurity, with a focus on SOC operations