SOC Analyst

SOC Analyst (Security Operations Center) JD

Job Summary:

We are seeking a proactive and detail-oriented SOC Analyst to join our Security Operations Center team. The ideal candidate will monitor, detect, analyze, and respond to cybersecurity incidents using various tools such as Splunk SIEM, FortiGate firewalls, and Cisco Catalyst switches. The candidate should possess strong analytical skills and a good understanding of network security and threat landscapes.

Key Responsibilities:

• Monitor and analyze security alerts and events from SIEM tools (Splunk).

Investigate and respond to security incidents and breaches in real time.

• Configure, monitor, and manage FortiGate Firewall policies, logs, and alerts.
• Understand and analyze logs and configurations from Cisco Catalyst Switches to detect suspicious activity or misconfigurations.
• Escalate critical security incidents to higher-level analysts or incident response teams.
• Support threat hunting and forensic investigation activities.
• Perform regular audits and generate reports for compliance and internal use.
• Maintain detailed documentation of incidents, vulnerabilities, and actions taken.

Work closely with network, infrastructure, and application teams to ensure security best practices are enforced.

• Participate in creating and updating SOPs and use cases for the SOC environment.
• Monitor and troubleshoot network devices, including Cisco routers and switches, to ensure optimal

performance and reliability.

• Configured VLANs and implemented network segmentation based on company requirements, enhancing

security, performance, and traffic management

• Configured and implemented Standard and Extended Access Control Lists (ACLs) for traffic filtering and

network security, optimizing data flow and access control.

• Work exposure on network monitoring and ticketing tools to track and resolve network incidents

efficiently.

• Configure and troubleshoot dynamic routing protocols such as EIGRP and OSPF to ensure reliable and

efficient network communication.

• Perform IP address configuration and TCP/IP subnetting (VLSM) for IPv4 to minimize IP wastage and

maintain seamless connectivity.

• Implement and manage LAN technologies, including VTP, inter-VLAN routing, VLAN trunking, and Ether

Channel, to optimize data traffic management.

• Implement STP security features such as BPDU Guard, BPDU Filter, Root Guard to enhance stability and

prevent network loops in the system

• Set up and manage LAN security mechanisms such as Port Security, DHCP Snooping, ARP Inspection, and

IP Source

• Guard to protect network integrity and prevent unauthorized access.
• Configuring and troubleshooting Dynamic Host Configuration Protocol (DHCP) server to provide Logical

addressing for the clients.

• Monitoring Fortinet and SonicWALL Firewall network traffic and logs, analysing security events and making necessary

changes for threat mitigation

• Set up and deploy IPsec VPN tunnels on Fortinet and SonicWALL firewalls, including configuring IKE phases, security

policies, and routing to ensure secure site-to-site connectivity.

• Configuring security policies on Fortinet and SonicWALL Firewall to protect network resources.
• Generated daily link utilization reports and ensured Service Level Agreement (SLA) compliance through

timely completion of tasks.

• Assisted senior engineers in identifying and correcting network vulnerabilities as directed.
• Providing first level technical support to the clients.

Required Skills and Experience:

2+ years of experience in a Security Operations Centre (SOC) or similar role.

Hands-on experience with Splunk for security event correlation and analysis.

Experience managing and analyzing logs from FortiGate firewalls (FortiOS knowledge is a plus).

Working knowledge of Cisco Catalyst Switches – spanning-tree, VLANs, port security, etc.

Understanding of TCP/IP, OSI model, firewalls, IDS/IPS, and network protocols.

Knowledge of threat vectors such as malware, phishing, lateral movement, etc.

• Good understanding of the OSI model and TCP/IP protocol suite.
• Knowledge of TCP, UDP, IP, ARP, ICMP and DHCP.
• IPv4 Addressing, Subnetting, and Summarization.
• Knowledge of DNS, DHCP – DORA Process, Messages, DHCP Relay Agent.
• Configuration and Troubleshooting of LAN technologies like VLAN configuration, Inter VLAN Routing,

VLAN.

• Frame Tagging (IEEE 802.1Q, ISL) protocol, VTP, DTP, VLAN Pruning.
• Good Understanding of Spanning Tree Protocol (STP) Election Process.
• Remote access configuration of cisco routers and switches using Telnet and SSH.
• Routing Protocols - OSPF, EIGRP, RIP, BGP Basic knowledge.
• Knowledge on configuring NAT – Static NAT, Dynamic NAT, Static PAT.
• Knowledge on Authentication of Routing Protocols (RIP, EIGRP, OSPF)
• knowledge on FHRP (HSRP, VRRP, GLBP).
• Knowledge of Port Security, DHCP Snooping, BPDU Guard, BPDU Filter, and Root Guard.
• Good Understanding of ACL.
• Good at Access point and WLC.
• Good knowledge of Fortinet and SonicWALL Firewall.
• Configuration of Policy, NAT, Creating Zone, Assigning IP to the interface, Blacklist and whitelist of

specific IP.

• Configuration of High Availability (HA) Active-passive and Active-active
• Basic of FortiGate Firewall.
• Familiarity with CISCO ASA.
• Understanding of ASA NAT (Static, Dynamic, Twice NAT), Access Rules, and Object Groups.
• Basic understanding of Active/Standby Failover setup.
• Good Understanding of VPN (site to site and remote access).
• Good knowledge of IPsec VPN, GRE VPN, DM VPN.

Experience with ticketing systems and incident management platforms.

Preferred Certifications (Not mandatory but desirable):

• Fortinet NSE 4 or higher
• Splunk Core Certified User / Power User
• Cisco CCNA / CCNP (Security or Routing & Switching)
• CompTIA Security+ / CySA+
• Certified SOC Analyst (CSA)

Soft Skills:

• Strong analytical and problem-solving skills.
• Effective communication and documentation abilities.
• Ability to work under pressure and handle multiple tasks.

Work Environment:

• 24x7 SOC – Rotational shifts (as applicable).
• May require occasional on-call support during major incidents.

Job Type: Full-time

Pay: ₹600, ₹800,000.00 per year

Benefits:

• Health insurance
• Provident Fund

Work Location: In person