L&

SOC Engineer (L3)

Accepting applications

Larsen & Toubro-Vyoma · Chennai, Tamil Nadu, India

Full-Time Associate MentorPythonSOCcadence
Posted
5d ago
Category
Design
Experience
Associate
Country
India
Job Purpose
The SOC L3 acts as the Senior technical escalation point within the SOC, leading threat hunting, advanced incident investigations, security engineering improvements, and strategic cyber defence initiatives. Protect multi‑tenant GPU cloud with defense‑in‑depth, ensuring zero‑trust, auditability, and regulatory alignment.

Roles & Responsibilities
Lead investigation of sophisticated cyber attacks and advanced persistent threats (APTs).
Perform proactive threat hunting across enterprise environments.
Develop advanced detection engineering use cases.
Design and optimize SIEM, SOAR, XDR, and cloud security monitoring capabilities.
Conduct forensic investigations across endpoints, networks, cloud, and identity platforms.
Develop incident response playbooks and automation workflows.
Lead post-incident reviews and lessons-learned sessions.
Provide security recommendations to architecture and engineering teams.
Mentor SOC L1/L2 analysts and support career development.
Coordinate with Threat Intelligence and Red Team functions.
Support security audits, compliance, and executive reporting.
ON-CALL Support for L2/L1 support team.
Implementation
Enforce IAM/RBAC, least privilege, and network micro‑segmentation; secrets/KMS integration.
Define secure baselines for OS, containers, CUDA drivers, and platform services; supply‑chain controls (image signing/SBOM).
Implement and management experience of cloud network security controls such as security groups, firewalls, WAF, DDoS, micro-segmentation, EDR, DLP, PIM/PAM and secure connectivity etc
Operations
Continuous vulnerability management, patch cadence, threat detection (EDR/XDR), and audit log integrity.
Periodic access reviews, key rotation, and compliance evidence packs.

Reliability & Incident
Incident response (containment/forensics/eradication); purple‑team exercises; tabletop drills.
Data Protection
Encryption in‑transit/at‑rest, tenant isolation boundaries, data retention, legal holds, and purge workflows.

Experience & Educational Requirement
BE/B-Tech or equivalent with Computer Science or Electronics & Communication
Certifications :- CISSP; CISM/CISA; CCSP; ISO 27001 Lead Implementer/Auditor, GCFA, GCTI, CISSP, CCSP, AZ-500, SC-100, SC-200, GIAC Certifications, Microsoft Cybersecurity Architect Expert, Kubernetes Security Specialist.

RELEVANT EXPERIENCE
8–15 years cybersecurity; strong cloud security, zero‑trust, and data privacy in regulated environments.
Deep expertise in Sentinel, Splunk, QRadar, Chronicle, or equivalent SIEM platforms.
Advanced knowledge of Microsoft Defender XDR, Defender for Cloud, CrowdStrike, SentinelOne, and other XDR solutions.
Strong threat hunting expertise using MITRE ATT&CK framework.
Expertise in cloud security (Azure, AWS, GCP).
Digital forensics and malware reverse engineering knowledge.
Security automation using Python, PowerShell, Logic Apps, SOAR platforms.
Detection engineering and threat modeling skills.
Knowledge of Zero Trust Architecture and Identity Security.
Ability to lead major security incidents and crisis management efforts.
Experience with Active Directory, Microsoft Entra ID, CyberArk, or enterprise PAM solutions.
Experience with NIST CSF, NIST 800-61, MITRE, CIS Controls, and ATTACK evaluations.
Experience building SOC metrics, executive dashboards, and reporting for senior leadership.
Experience with security architecture reviews and cloud landing zone security.
Investigate advanced identity-based attacks involving Active Directory, Microsoft Entra ID, PAM, IAM, Kerberos, and hybrid identity environments.
Lead investigations involving Kubernetes, container runtime, virtualization platforms, and GPU infrastructure security.
Tools / Tech
SIEM (Splunk/ELK), EDR/XDR, image scanners (Trivy/Clair), OPA/Gatekeeper, Vault/KMS/HSM, HashiCorp Boundary (or equivalent), NVIDIA DCGM, NVIDIA BCM, Firewalls, DDOS, WAF, LB, VAM, PAM
Show more Show less