TS
Security Operations Center (SOC) Analyst III
Accepting applicationsThe Standard India · Bengaluru East, Karnataka, India
Full-Time Mid_senior SOCSecurity OperationsIncident ResponseSIEM
Posted
3d ago
Category
Design
Experience
Mid_senior
Country
India
The next part of your journey is right around the corner — with Standard India
A genuine desire to make a difference in the lives of others is the foundation for everything we do. With a customer-first mindset and an intentional focus on bu ilding strong teams across the nation, we’ve been able to uphold our legacy of financial stability while investing in new, innovative technologies that support the needs of our customers. Our high-performance culture, focused on operational excellence, thrives thanks to remarkable people united by compassion and a customer-first commitment. Are you ready to make a difference?
Job Summary
The SOC Analyst III is a senior-level security professional responsible for advanced threat detection, incident response, and security engineering within the Security Operations Center (SOC). This role serves as a technical leader, specializing in Microsoft Azure security operations, Microsoft Sentinel (Azure Sentinel), and SOC automation via Git-based CI/CD pipelines.
The analyst will drive detection engineering, automation, and continuous improvement of SOC capabilities, ensuring effective monitoring, rapid response, and alignment with organizational security objectives.
Key Responsibilities
Advanced Threat Monitoring & Incident Response
Lead triage and investigation of complex security incidents across cloud, endpoint, identity, and network domains
Correlate alerts across Microsoft Sentinel, Microsoft Defender suite, Azure control plane, and third-party integrations
Perform deep-dive forensic analysis including identity compromise, lateral movement, and cloud-based threats
Act as incident commander for high-severity (P1/P2) incidents
Microsoft Sentinel & Azure Security Operations
Design, implement, and optimize Microsoft Sentinel analytics rules, workbooks, hunting queries, and data connectors
Develop advanced detection logic using Kusto Query Language (KQL)
Maintain and tune integrations across:
Azure AD / Entra ID
Microsoft Defender for Endpoint, Identity, Cloud, Office
Azure Activity Logs & resource telemetry
Microsoft Graph Security API
Optimize signal-to-noise ratio through detection tuning and use case refinement
SOC Automation & Git-Based CI/CD Pipelines
Design and maintain SOC-as-Code frameworks using Git repositories (e.g., Azure DevOps, GitHub)
Build and manage CI/CD pipelines for:
Sentinel analytics rules deployment
Playbooks (Logic Apps)
Workbooks and dashboards
Data connector configurations
Implement version control, peer review, and automated testing for detection content
Promote infrastructure-as-code practices (ARM/Bicep/Terraform preferred)
Detection Engineering & Threat Hunting
Develop and maintain detection use cases aligned to MITRE ATT&CK
Conduct proactive threat hunting and hypothesis-driven investigations
Integrate threat intelligence feeds into Sentinel and detection workflows
Measure detection coverage and effectiveness through metrics and gap analysis
Incident Response & Process Improvement
Enhance and maintain incident response playbooks and runbooks
Lead post-incident reviews and root cause analysis
Identify automation opportunities to reduce manual effort and response time
Drive SOC maturity improvements aligned with NIST CSF / industry frameworks
Collaboration & Leadership
Mentor SOC Analysts (Tier I/II) and provide escalation support
Partner with engineering, cloud, identity, and endpoint teams on security initiatives
Support reporting and metrics development for SOC leadership and executive stakeholders
Participate in on-call rotation for incident response escalation
Ability to work on-site in Bengaluru, India is a requirement of the role.
Mode of Working: This role follows a hybrid work model, with a primary base in Bengaluru. While on-site presence is essential for key engagements, flexibility is offered for remote work based on business needs and team alignment.
Skills And Background You’ll Need
Education: A Bachelor’s degree is required.
Experience
5+ years of experience in Security Operations, Incident Response, or Threat Detection
2+ years hands-on experience with Microsoft Sentinel (Azure Sentinel) in production
Proven experience in designing and operationalizing cloud security monitoring
Advanced analytical and problem-solving skills
Strong understanding of cloud-native security architectures
Ability to operate independently in high-pressure incident scenarios
Effective communication with both technical and executive audiences
Continuous improvement mindset with automation-first approach
24x7 SOC operations (on-call rotation required)
Cross-functional collaboration with enterprise security stakeholders
Technical Skills
Core Azure Security Stack
Microsoft Sentinel (SIEM/SOAR)
Microsoft Defender suite (Endpoint, Identity, Cloud, O365)
Azure AD / Entra ID security monitoring
Azure Monitor, Log Analytics
Detection & Analysis
Strong proficiency in Kusto Query Language (KQL)
Knowledge of MITRE ATT&CK framework
Experience with log correlation and multi-source investigations
Automation & DevSecOps
Experience with Git-based workflows (branching, pull requests, code reviews)
Building and maintaining CI/CD pipelines (Azure DevOps or GitHub Actions)
Infrastructure as Code (ARM, Bicep, Terraform preferred)
Logic Apps / SOAR playbook development
Additional Technical Skills (Preferred)
Experience integrating third-party security tools (e.g., MDR, NDR, EDR platforms)
Understanding of identity security, Zero Trust architecture
API integration (REST , Graph API )
Scripting (PowerShell, Python)
Certifications (Preferred)
Microsoft Certified: Security Operations Analyst (SC-200)
Microsoft Certified: Azure Security Engineer (AZ-500)
CISSP, GCIA, GCIH, or equivalent
Success Measures
Reduction in mean-time-to-detect (MTTD) and respond (MTTR)
Improved detection coverage and reduced false positives
Increased automation of SOC workflows
Adoption of Git-based deployment and SOC-as-Code practices
Contribution to SOC maturity and operational excellence
Key Behaviors of a Successful Candidate
Improvement Mindset: Continually seeks new ways to create business/ customer value by identifying and implementing opportunities for improved efficiency, effectiveness and innovation.
Adaptability: Sees possibilities in changing circumstances, accepts and understands change and alters behavior as necessary.
Winning Together: Actively engages colleagues to achieve shared outcomes by developing trust, inviting diverse perspectives and pushing to bring the best ideas forward.
Why Join Standard India?
We Have Built An Enduring Legacy Of Stability, Financial Strength And Exceptional Customer Service Through The Contributions Of The Service-oriented People Who Choose To Work At The Standard. To Ensure We Can Attract And Retain The Best Talent, When You Join StanCorp Global Servicesyou Can Expect
A rich benefits package that supports your health, well-being, and financial goals
An annual incentive bonus plan tied to both individual and organizational performance
Paid time off including earned leave, sick/casual leave, and public holidays, in accordance with the company’s leave policy
A supportive, responsive management approach that empowers you to grow
Opportunities for career advancement through learning, coaching, and leadership enablement
A culture where your voice matters - your ideas shape our future, and we win as one
Purpose-driven work that makes a difference for our customers, communities, and each other
In addition to a competitive salary, our employee-focused benefits are designed to support work-life balance, personal growth, and long-term impact.
Eligibility to participate in an incentive program is subject to the rules governing the program and plan. Any award depends on a variety of factors including individual and organizational performance.
StanCorp Global Services India Private Limited is an equal opportunity employer.
All qualified applicants will receive consideration for employment without regard to race, religion, colour, sex, gender identity, sexual orientation, age, disability, caste, HIV status or any other characteristic protected by applicable laws of India.
Show more Show less
A genuine desire to make a difference in the lives of others is the foundation for everything we do. With a customer-first mindset and an intentional focus on bu ilding strong teams across the nation, we’ve been able to uphold our legacy of financial stability while investing in new, innovative technologies that support the needs of our customers. Our high-performance culture, focused on operational excellence, thrives thanks to remarkable people united by compassion and a customer-first commitment. Are you ready to make a difference?
Job Summary
The SOC Analyst III is a senior-level security professional responsible for advanced threat detection, incident response, and security engineering within the Security Operations Center (SOC). This role serves as a technical leader, specializing in Microsoft Azure security operations, Microsoft Sentinel (Azure Sentinel), and SOC automation via Git-based CI/CD pipelines.
The analyst will drive detection engineering, automation, and continuous improvement of SOC capabilities, ensuring effective monitoring, rapid response, and alignment with organizational security objectives.
Key Responsibilities
Advanced Threat Monitoring & Incident Response
Lead triage and investigation of complex security incidents across cloud, endpoint, identity, and network domains
Correlate alerts across Microsoft Sentinel, Microsoft Defender suite, Azure control plane, and third-party integrations
Perform deep-dive forensic analysis including identity compromise, lateral movement, and cloud-based threats
Act as incident commander for high-severity (P1/P2) incidents
Microsoft Sentinel & Azure Security Operations
Design, implement, and optimize Microsoft Sentinel analytics rules, workbooks, hunting queries, and data connectors
Develop advanced detection logic using Kusto Query Language (KQL)
Maintain and tune integrations across:
Azure AD / Entra ID
Microsoft Defender for Endpoint, Identity, Cloud, Office
Azure Activity Logs & resource telemetry
Microsoft Graph Security API
Optimize signal-to-noise ratio through detection tuning and use case refinement
SOC Automation & Git-Based CI/CD Pipelines
Design and maintain SOC-as-Code frameworks using Git repositories (e.g., Azure DevOps, GitHub)
Build and manage CI/CD pipelines for:
Sentinel analytics rules deployment
Playbooks (Logic Apps)
Workbooks and dashboards
Data connector configurations
Implement version control, peer review, and automated testing for detection content
Promote infrastructure-as-code practices (ARM/Bicep/Terraform preferred)
Detection Engineering & Threat Hunting
Develop and maintain detection use cases aligned to MITRE ATT&CK
Conduct proactive threat hunting and hypothesis-driven investigations
Integrate threat intelligence feeds into Sentinel and detection workflows
Measure detection coverage and effectiveness through metrics and gap analysis
Incident Response & Process Improvement
Enhance and maintain incident response playbooks and runbooks
Lead post-incident reviews and root cause analysis
Identify automation opportunities to reduce manual effort and response time
Drive SOC maturity improvements aligned with NIST CSF / industry frameworks
Collaboration & Leadership
Mentor SOC Analysts (Tier I/II) and provide escalation support
Partner with engineering, cloud, identity, and endpoint teams on security initiatives
Support reporting and metrics development for SOC leadership and executive stakeholders
Participate in on-call rotation for incident response escalation
Ability to work on-site in Bengaluru, India is a requirement of the role.
Mode of Working: This role follows a hybrid work model, with a primary base in Bengaluru. While on-site presence is essential for key engagements, flexibility is offered for remote work based on business needs and team alignment.
Skills And Background You’ll Need
Education: A Bachelor’s degree is required.
Experience
5+ years of experience in Security Operations, Incident Response, or Threat Detection
2+ years hands-on experience with Microsoft Sentinel (Azure Sentinel) in production
Proven experience in designing and operationalizing cloud security monitoring
Advanced analytical and problem-solving skills
Strong understanding of cloud-native security architectures
Ability to operate independently in high-pressure incident scenarios
Effective communication with both technical and executive audiences
Continuous improvement mindset with automation-first approach
24x7 SOC operations (on-call rotation required)
Cross-functional collaboration with enterprise security stakeholders
Technical Skills
Core Azure Security Stack
Microsoft Sentinel (SIEM/SOAR)
Microsoft Defender suite (Endpoint, Identity, Cloud, O365)
Azure AD / Entra ID security monitoring
Azure Monitor, Log Analytics
Detection & Analysis
Strong proficiency in Kusto Query Language (KQL)
Knowledge of MITRE ATT&CK framework
Experience with log correlation and multi-source investigations
Automation & DevSecOps
Experience with Git-based workflows (branching, pull requests, code reviews)
Building and maintaining CI/CD pipelines (Azure DevOps or GitHub Actions)
Infrastructure as Code (ARM, Bicep, Terraform preferred)
Logic Apps / SOAR playbook development
Additional Technical Skills (Preferred)
Experience integrating third-party security tools (e.g., MDR, NDR, EDR platforms)
Understanding of identity security, Zero Trust architecture
API integration (REST , Graph API )
Scripting (PowerShell, Python)
Certifications (Preferred)
Microsoft Certified: Security Operations Analyst (SC-200)
Microsoft Certified: Azure Security Engineer (AZ-500)
CISSP, GCIA, GCIH, or equivalent
Success Measures
Reduction in mean-time-to-detect (MTTD) and respond (MTTR)
Improved detection coverage and reduced false positives
Increased automation of SOC workflows
Adoption of Git-based deployment and SOC-as-Code practices
Contribution to SOC maturity and operational excellence
Key Behaviors of a Successful Candidate
Improvement Mindset: Continually seeks new ways to create business/ customer value by identifying and implementing opportunities for improved efficiency, effectiveness and innovation.
Adaptability: Sees possibilities in changing circumstances, accepts and understands change and alters behavior as necessary.
Winning Together: Actively engages colleagues to achieve shared outcomes by developing trust, inviting diverse perspectives and pushing to bring the best ideas forward.
Why Join Standard India?
We Have Built An Enduring Legacy Of Stability, Financial Strength And Exceptional Customer Service Through The Contributions Of The Service-oriented People Who Choose To Work At The Standard. To Ensure We Can Attract And Retain The Best Talent, When You Join StanCorp Global Servicesyou Can Expect
A rich benefits package that supports your health, well-being, and financial goals
An annual incentive bonus plan tied to both individual and organizational performance
Paid time off including earned leave, sick/casual leave, and public holidays, in accordance with the company’s leave policy
A supportive, responsive management approach that empowers you to grow
Opportunities for career advancement through learning, coaching, and leadership enablement
A culture where your voice matters - your ideas shape our future, and we win as one
Purpose-driven work that makes a difference for our customers, communities, and each other
In addition to a competitive salary, our employee-focused benefits are designed to support work-life balance, personal growth, and long-term impact.
Eligibility to participate in an incentive program is subject to the rules governing the program and plan. Any award depends on a variety of factors including individual and organizational performance.
StanCorp Global Services India Private Limited is an equal opportunity employer.
All qualified applicants will receive consideration for employment without regard to race, religion, colour, sex, gender identity, sexual orientation, age, disability, caste, HIV status or any other characteristic protected by applicable laws of India.
Show more Show less