Security Operations Center

2 - 6 Years

8 Openings

Bengaluru

**Role description**:
**Position Overview**

**Key Responsibilities**

**Security Monitoring & Analysis**
- Monitor **SIEM dashboards, EDR s, and security telemetry** for suspicious activity across endpoints, networks, and cloud environments.
- Perform **initial triage, classification, and escalation** of security s based on severity and impact.
- Correlate events from multiple sources to identify potential attack patterns and lateral movement.

**Incident Response & End-User Support**
- Provide **first-line and second-line support** for security incidents, including **phishing, malware infections, and account compromises**.
- Guide end-users through **containment and remediation steps** for security-related issues.
- Document incident details, actions taken, and lessons learned in the incident management system.

**Security Investigation & Threat Hunting**
- Conduct **in-depth investigations** of security incidents, including log analysis, forensic review, and root cause determination.
- Participate in **threat hunting activities** to proactively identify indicators of compromise (IOCs) and advanced threats.
- Collaborate with **threat intelligence teams** to enrich investigations with contextual data.

**Red/Blue/Purple Teaming Support**
- Assist in **Blue Team defensive operations** by validating detection rules and improving fidelity.
- Support **Purple Team exercises** by working with Red Team to simulate attacks and validate detection/response capabilities.
- Provide feedback to improve **SOC playbooks and detection engineering**.

**Incident Management & Reporting**
- Follow **incident response playbooks** and escalate incidents to senior analysts or IR teams as needed.
- Generate **daily, weekly, and monthly SOC reports** on incident trends, response metrics, and threat landscape.
- Ensure compliance with **industry standards** (ISO 27001, NIST CSF) and internal security policies.

**Skills**:
**Required Qualifications**

**Experience**
- **2-4 years** in a **SOC, incident response, or security operations role**.
- Hands-on experience with **SIEM platforms (Splunk, Microsoft Sentinel)**, **EDR tools (CrowdStrike, Defender for Endpoint)**, and **network security monitoring**.

**Technical Skills**
- Knowledge of **attack techniques (MITRE ATT&CK)** and common threat vectors.
- Familiarity with **log analysis, packet capture tools, and forensic techniques**.
- Basic scripting skills (PowerShell, Python) for automation and investigation tasks.

**Certifications (preferred)**
- **CompTIA Security+**, **CySA+**, **GCIA**, or **GCIH**.
- Exposure to **Red/Blue/Purple Teaming methodologies** is a plus.

**Preferred Attributes**
- Strong **analytical and problem-solving skills**.
- Ability to work in a **fast-paced, 24x7 SOC environment**.
- Excellent **communication and documentation skills**.

**About Grant Thornton INDUS**:
‘Grant Thornton INDUS’ comprises GT U.S. Shared Services Center India Pvt Ltd and Grant Thornton U.S. Knowledge and Capability Center India Pvt Ltd. Grant Thornton INDUS is the shared services center supporting the operations of Grant Thornton LLP, the U.S. member firm of Grant Thornton International Ltd. Established in 2012, Grant Thornton INDUS employs professionals across a wide range of disciplines including Tax, Audit, Advisory, and other operational functions. What sets us apart isn’t just what we do - it’s how we do it. We support and enable the firm’s purpose of making business more personal and building trust into every result. We’re collaborators - obsessed with quality and ready for anything - who understand the value of strong relationships. Our professionals are well integrated to seamlessly support the U.S. engagement teams, help increase Grant Thornton’s access to a wide talent pool, and improve operational efficiencies. Empowered people, bold leadership, and distinctive client service are imbibed in the culture at Grant Thornton INDUS. We are a transparent, competitive, and excellence-driven firm that offers an opportunity to be part of something significant. In addition, professionals at Grant Thornton INDUS serve communities in India through inspirational and generous services to give back to the communities they work in. Grant Thornton INDUS has its offices in two locations in India - Bengaluru and Kolkata