Lead SOC Analyst (L3) – SIEM, SOAR & Incident Response
Accepting applications
RemoteStar · Bengaluru, Karnataka, India
Full-Time · Senior · Mentor · SOC
Estimated market salary: ₹25-44 LPA
This is a SiliconBoard market estimate, not an employer-posted salary.
Posted: 15 Jun
Category: Design
Experience: Senior
Country: India
About Client: A FTSE 250 global fintech company headquartered in London with a presence in 18 countries and five continents. Their award-winning products and platforms empower go-getters around the world giving them access to over 19,000 financial markets.
Experience with L3 is mandatory for this role. If you have L3 experience, it should be mentioned in your CV.
Relevant Experience required: 6-9 Years
Working model: Hybrid (2-3 days in office)
Your role in the client's team's success:
As a Lead Cyber Defence Analyst (L3), you are accountable for shift operations and serve as the senior technical escalation point for complex and high-severity security incidents. You will drive meaningful improvements to the SOC's detection and response capabilities — designing SIEM rules, building SOAR automation, and leading post-incident reviews that translate lessons learnt into tangible enhancements.
Beyond the technical, you will play a central role in developing the analysts around you, mentoring L1s and L2s and helping to build a high-performing, continuously improving team. Your leadership during incidents, your visibility across shift workload, and your contribution to strategic SOC development will directly shape our client's ability to detect and respond to emerging threats at scale.
What you'll do:
Act as the senior escalation point for complex, high, and critical severity incidents — leading investigations, coordinating response efforts, and keeping the SOC Manager informed throughout.
Design and implement improvements to detection rules and SOAR automation, drawing on threat intelligence, lessons learnt, and emerging global threat trends.
Lead post-incident reviews for high and critical severity incidents, facilitating lessons learnt discussions and driving measurable improvements to SOC processes and tooling.
Mentor and coach L1 and L2 analysts, organise tabletop exercises focused on current threat trends, and provide cover and support for SOC Team Leaders when needed.
Maintain shift oversight, monitor team workload and incident queues, and conduct proactive threat hunts in line with the JIRA procedure.
What you'll need for this role:
6+ years of extensive experience in SOC operations and incident response, with a proven ability to lead complex, high-pressure investigations and coordinate across teams.
Deep technical expertise across SIEM and SOAR platforms, EDR tooling, and threat detection technologies, including hands-on experience building and automating detection logic and playbooks in production environments.
Demonstrated ability to develop and maintain automated workflows that improve SOC efficiency and reduce analyst toil.
Strong mentoring and communication skills, with experience coaching analysts at multiple levels and delivering structured learning activities such as tabletop exercises.
A proactive, improvement-focused mindset — comfortable analysing incident metrics, identifying gaps, and taking ownership of making things better.
Shift Timings (APAC & EMEA Support Coverage)
This role requires flexibility to operate within the following primary working windows based on business needs:
APAC (Primary Working Window)
India (IST): 08:00 – 17:00
EMEA (Primary Working Window)
India (IST): 13:30 – 23:30