
Security Operations Center Analyst

Accepting applications

Etenico Technologies · Bengaluru, Karnataka, India

Full-Time · Associate · Mentor · SOC
Posted: 15 Jun
Category: Design
Experience: Associate
Country: India
The SOC L3 & Incident Response SME is responsible for advanced threat detection, incident response, and SOC operations using CrowdStrike Falcon (SIEM, EDR/XDR). This role acts as the final escalation point (L3) for complex security incidents, leads investigations, drives containment and remediation, and continuously improves SOC detection and response capabilities.
The role requires deep hands-on expertise in CrowdStrike SIEM, EDR/XDR, threat hunting, IR playbooks, and strong coordination with SOC, IT, cloud, and business stakeholders.
Key Responsibilities
SOC L3 Operations (CrowdStrike)
Act as the L3 escalation point for complex and high-severity security incidents.
Lead advanced investigations using CrowdStrike Falcon SIEM, EDR/XDR, and telemetry.
Perform deep analysis of alerts, logs, endpoint behavior, and attacker TTPs.
Validate and triage alerts to eliminate false positives and reduce alert fatigue.
Mentor L1/L2 analysts and provide technical guidance.
Incident Response & Threat Containment
Lead end-to-end incident response including:
Detection, analysis, containment, eradication, and recovery
Execute response actions using CrowdStrike:
Host isolation
Process termination
IOC blocking
Policy enforcement
Coordinate with IT, cloud, and application teams during incidents.
Drive post-incident reviews, root cause analysis, and lessons learned.
Reporting, Metrics & Governance
Provide incident reports, executive summaries, and RCA documentation.
Track and report SOC KPIs including:
MTTD / MTTR
Incident severity trends
Detection coverage and effectiveness
Support audits, tabletop exercises, and compliance reporting.
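The KPIs above are only comparable between reporting periods if MTTD and MTTR are computed the same way every time. The following is an added example (not code from the job posting, Etenico or CrowdStrike) that fixes one set of definitions and computes the numbers per severity from incident records; the definitions, field names and the incident data are assumptions chosen for illustration. It also handles the two cases that usually skew these metrics: incidents that are still open (counted in MTTD and in the backlog, but not in MTTR) and records whose timestamps are out of order (rejected as data-quality errors rather than silently producing negative times).

```python
"""SOC KPI calculation: MTTD / MTTR and severity counts from incident records.

Added example; not part of the job posting or any vendor code.
Assumed definitions (label them in your own reports):
  MTTD = mean(detected_at - first_activity_at)  attacker's first observed action -> alert fired
  MTTR = mean(resolved_at - detected_at)         alert fired -> containment/recovery complete
Open incidents (resolved_at is None) count toward MTTD and the open backlog, not MTTR.
Records with out-of-order timestamps are rejected and reported, never averaged.
"""
from dataclasses import dataclass
from datetime import datetime
from statistics import mean
from typing import Dict, List, Optional


@dataclass
class Incident:
    id: str
    severity: str                    # "critical" | "high" | "medium" | "low"
    first_activity_at: datetime      # earliest attacker activity established by the investigation
    detected_at: datetime            # when the SIEM/EDR alert fired
    resolved_at: Optional[datetime]  # None while the incident is still open


def _ts(s: str) -> datetime:
    return datetime.strptime(s, "%Y-%m-%d %H:%M")


# Constructed sample data for the example (not real incidents).
SAMPLE_INCIDENTS: List[Incident] = [
    Incident("INC-1", "critical", _ts("2024-06-01 02:00"), _ts("2024-06-01 03:00"), _ts("2024-06-01 09:00")),
    Incident("INC-2", "critical", _ts("2024-06-03 10:00"), _ts("2024-06-03 10:30"), _ts("2024-06-03 14:30")),
    Incident("INC-3", "high",     _ts("2024-06-05 00:00"), _ts("2024-06-05 12:00"), None),  # still open
    Incident("INC-4", "high",     _ts("2024-06-07 08:00"), _ts("2024-06-07 08:10"), _ts("2024-06-07 10:10")),
    # Data-quality error: detection recorded before the first attacker activity.
    Incident("INC-5", "low",      _ts("2024-06-09 09:00"), _ts("2024-06-09 08:00"), _ts("2024-06-09 12:00")),
]


def _minutes(later: datetime, earlier: datetime) -> float:
    return (later - earlier).total_seconds() / 60


def compute_kpis(incidents: List[Incident]) -> Dict:
    """Return {"by_severity": {sev: {...}}, "rejected": [ids]} for a reporting period."""
    valid: List[Incident] = []
    rejected: List[str] = []
    for inc in incidents:
        out_of_order = inc.detected_at < inc.first_activity_at or (
            inc.resolved_at is not None and inc.resolved_at < inc.detected_at
        )
        (rejected if out_of_order else valid).append(inc.id if out_of_order else inc)

    buckets: Dict[str, Dict] = {}
    for inc in valid:
        row = buckets.setdefault(inc.severity, {"count": 0, "open": 0, "ttd": [], "ttr": []})
        row["count"] += 1
        row["ttd"].append(_minutes(inc.detected_at, inc.first_activity_at))
        if inc.resolved_at is None:
            row["open"] += 1          # open incidents inflate the backlog, not MTTR
        else:
            row["ttr"].append(_minutes(inc.resolved_at, inc.detected_at))

    report = {}
    for sev, row in buckets.items():
        report[sev] = {
            "incidents": row["count"],
            "open": row["open"],
            "mttd_min": round(mean(row["ttd"]), 1),
            "mttr_min": round(mean(row["ttr"]), 1) if row["ttr"] else None,
        }
    return {"by_severity": report, "rejected": rejected}


if __name__ == "__main__":
    result = compute_kpis(SAMPLE_INCIDENTS)
    for sev, row in result["by_severity"].items():
        print(f"{sev:9s} incidents={row['incidents']} open={row['open']} "
              f"MTTD={row['mttd_min']} min MTTR={row['mttr_min']} min")
    print("rejected (fix timestamps before reporting):", result["rejected"])
```

Reporting MTTR only over closed incidents is deliberate: averaging an open incident's age into MTTR makes the figure drift upward every day the case stays open, which hides the real trend. Keep the open count beside MTTR so the backlog stays visible.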
Collaboration & Stakeholder Management
Work closely with:
SOC leadership
Threat intelligence teams
IT, Cloud, DevOps, and IAM teams
Act as a technical SME during major incidents and crisis management calls.
Support threat intel sharing and hunting initiatives.
Required Skills & Experience
Core Technical Skills
Strong hands-on experience with CrowdStrike Falcon SIEM and EDR/XDR
Proven experience in SOC L3 / Incident Response roles
Deep knowledge of:
Endpoint, network, and cloud attack techniques
MITRE ATT&CK framework
Malware, ransomware, and advanced persistent threats
Strong log analysis and investigation skills.
Security Operations Experience
SIEM detection engineering and tuning
Threat hunting and IOC analysis
Incident response lifecycle and forensics basics
Experience working in 24x7 SOC environments (rotational shifts / on-call)
Certifications (Preferred)
CrowdStrike certifications
GCIA / GCIH / GCED / GCIR
CISSP / Security+
Incident Response or Threat Hunting certifications
Mandatory Skills
SIEM
Security Operations Center (SOC)
SOC Operations – EDR, XDR
Desirable Skills
Incident Response
SME
Triage
Investigations
Remediation
Stakeholder Management
Cloud Forensics
Threat Intelligence and Detection
Business Communication
Leadership Skills