L3 Incident Response
2 days ago
Job Description: L3 Incident Response & Network Security Engineer
Position: L3 Incident Response / Security Operations Engineer
Location: (Specify)
Experience: 5–10 Years
Sector: Telecom / Enterprise / Managed Security Services
Role Overview
We are looking for a hands-on L3 Incident Response & Network Security Engineer with strong troubleshooting skills across firewalls, proxy solutions, WAFs, and secure email gateways. The engineer will act as the highest technical escalation point (L3) for SOC operations, handling major incidents, performing deep-dive investigations, tuning security controls, and providing advanced operational support.
This role requires extensive knowledge of enterprise security infrastructure, IR processes, and direct L3 SOC operations.
Key Responsibilities
1. L3 Incident Response & Escalations
Act as the L3 escalation point for all major security incidents.
Perform detailed triage, containment, recovery, and root cause analysis.
Investigate alerts and escalations from SOC L1/L2 teams including malware, intrusion attempts, DDoS indicators, suspicious traffic, or compromised accounts.
Lead war-room calls for P1/P2 security incidents.
Deep troubleshooting across:
Firewall rules, access/ACL issues, NAT, VPN failures
Proxy policies, URL filtering, SSL inspection
WAF tuning, false positive reduction, signature adjustments
Email gateway issues: spam, phishing, TLS routing, mail delivery
Review packet captures, logs, and security alerts to isolate issues.
Perform configuration corrections and implement mitigation steps.
Support day-to-day SOC operations at L3 level.
Validate and enhance detection logic across SIEM/SOAR platforms.
Collaborate with threat intel, detection engineering, and incident commanders.
Guide SOC L1/L2 teams on escalations, tuning, and false positive reduction.
Continuously fine-tune:
Firewall policies (ASA/FTD/Palo Alto/Checkpoint)
IPS/IDS signatures
WAF rules (F5 ASM, Imperva, Akamai, etc.)
Proxy categories, SSL bypass policies, DLP rules
Email security policies for phishing, malware, and spoofing
Conduct periodic policy reviews and compliance validation.
Manage and execute complex L3-level changes during planned maintenance windows.
Perform impact analysis, pre/post checks, and documentation.
Participate in root cause analysis and long-term remediation planning.
Perform proactive threat hunting across network and security datasets.
Analyze logs from firewalls, proxies, IPS, WAF, and email gateways.
Identify anomalous patterns and work with SOC for follow-up actions.
Hands-on Expertise (Mandatory)
Firewalls (Cisco ASA, Firepower, Palo Alto, Check Point)
Proxy solutions (Blue Coat, Zscaler, Squid)
WAF platforms (F5 ASM, Imperva, Cloudflare, Akamai)
Email Security Gateways (Cisco ESA/IronPort, Proofpoint, Mimecast)
IDS/IPS analysis and tuning
Strong understanding of IR frameworks (NIST, SANS).
Experience with SIEM platforms (Splunk, QRadar, Sentinel, ArcSight).
Experience with SOAR automation (preferred).
Packet capture analysis (Wireshark, tcpdump).
FireEye
Cisco ASA/Firepower
Cisco ISE
Arbor DDoS
AlgoSec
Strong analytical and decision-making capability.
Excellent communication during incidents.
Ability to lead high-pressure security bridges.
Strong documentation and reporting skills.
CCNP Security / CCIE Security
GIAC Certifications (GCIA, GCIH, GCFA, GCFE)
CEH / CHFI
ITIL Foundation